Cyber Security

Microsoft Data Leak – 250 Million Microsoft Customer Service Support Records Exposed Online

Microsoft exposed a Customer Support Database that contains logs of conversations between Microsoft support agents and customers all over the world.

Nearly 250 million records leaked and the leaked account info ranges 14-year period between 2005 to December 2019.

All the exposed data can be accessible by anyone by just having a web browser, no username or password is required.

Five Elasticsearch Servers Uncovered

The Elasticsearch servers are uncovered by Comparitech security researcher Bob Diachenko, “each of which contained an identical set of the 250 million records.”

Diachenko reached to Microsoft and the exposed data was secured by Microsoft within 24. It is unsure that if any third parties gained access to the database at the time.

The following are the details exposed: Customer email addresses, IP addresses, Locations, Descriptions of CSS claims and cases, Microsoft support agent emails, Case numbers, resolutions, and remarks and Internal notes marked as “confidential”.

The exposed data can be utilized by Tech support scammers to contact users pose to be from Microsft support.

Microsoft Report

Microsoft also released an investigation report states that leak occurs due to “a misconfiguration of an internal customer support database used for Microsoft support case analytics.”

The company also confirms that exposure was limited as the “majority of records were cleared of personal information by our standard practices.”

“We want to sincerely apologize and reassure our customers that we are taking it seriously and working diligently to learn and take action to prevent any future reoccurrence,” Microsoft said.

Also Read

Wawa Hacked – Thousands of Customers Credit and Debit Card Numbers Exposed Domain Seized by Law enforcement Agencies for Selling Access to Breached Data


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

WhatsApp Secret Code Feature Lets Users Set Unique Locked Chat Passwords

WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret…

17 mins ago

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

12 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

16 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

16 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

18 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

19 hours ago