250 mn Microsoft customer data exposed: How to protect yourself against this
If you have never used Microsoft Support services your data is probably safeUpdated: Jan 24, 2020 15:27 IST
We just reported yesterday about Microsoft admitting that they have exposed nearly 250 million customer service records owing to “misconfiguration of an internal customer support database” used for tracking support cases that included logs of conversations between Microsoft support agents and customers from all over the world.
According to reports, all of the Microsoft customers’ data was left accessible to anyone with a web browser, with no password or other authentication needed.
While all of this sounds positively scary, especially the 250 million exposed records bit, it isn’t as dangerous as it sounds. If you have never used Microsoft’s support services, your data is safe.
And if you have, your personal information is ‘probably’ safe for now. The breach was Microsoft’s fault, they accidentally left a database of customer service records exposed for two days before they fixed the issue. Though the data base did contain information on 250 million users, most of the data was actually unusable – almost all personal information was ‘redacted’ from the records and only some IP addresses and emails were left lying around.
If you’ve never ever used the Microsoft help and support services, you’re probably not affected. And even if your information was ‘exposed’, hackers ‘probably’ can’t do much with what was there. However, this does not mean that they are not going to try.
Microsoft said that they have found no evidence that this lot of exposed data has been accessed for malicious use yet but they have warned that exposed email IDs could be used for phishing attacks from accounts posing as official Microsoft support.
A hacker can use your email ID and details from exchanged emails between you and the real Microsoft support services and send a fake follow-up email about issues you have been facing prompting you to fake log-in pages that can steal your information.
The best advice in this case is to keep an eye out for random Microsoft Support emails if you have used the service in the past and also make sure you do not click on any random links that you feel might be even a little suspicious. Better safe than sorry.
If you are careful, there is nothing you have to worry about, at least from this data breach.