Microsoft was involved in a data breach with millions of customer service and support records exposed.

The report was revealed by the Comparitech security research team, published on January 22. Paul Bischoff from Comparitech security research team says that it took place over the new year.

The records contained all the conversations between Microsoft’s customer support agents and customers through 14 years from 2005 to December 2019.

The data was found in five different servers – each containing identical data for 250 million records. The data included personal details that could help identify an individual. Luckily Diachenko, one of the research team’s members, says — “email aliases, contact numbers, and payment information—was redacted.”

But still, most of the data including Customer email addresses, IP addresses, Locations, Descriptions of CSS claims and cases, Microsoft support agent emails, Case numbers, resolutions, and remarks and even Internal notes marked as “confidential,” were in plain text.

These plain text data could prove beneficial to tech support scammers, says Paul. “… the dangers of this exposure should not be underestimated.”


Leave us a comment