Microsoft Disputing Just How Big Its Customer Data Leak Was

Microsoft says that an unspecified amount of customer data, including contact info and email content, was recently left exposed to potential access over the internet as a result of a server configuration error. From a report: Cybersecurity vendor SOCRadar, which reported the data leak to Microsoft, said in a blog post that data belonging to more than 65,000 companies was affected. Microsoft, however, said in its own post that SOCRadar "has greatly exaggerated the scope of this issue." Microsoft didn't disclose specifics around the number of companies whose data may have been exposed in the leak or the amount of data involved. The server misconfiguration was reported on Sept. 24, and the impacted server was "quickly secured" after that, according to Microsoft. Due to the configuration error, there was a potential that certain "business transaction data" could have been accessed without a need for authentication, Microsoft said. The data corresponds to "interactions between Microsoft and prospective customers," including around the planning and implementation of Microsoft services, the company said in its post.

Read more of this story at Slashdot.