Microsoft accidentally internet-exposed for three weeks 250 million customer support records stored in five misconfigured Elasticsearch databases. The exposed data included email addresses, IP addresses, locations and customer support interactions – including case number and resolutions – as well as confidential internal notes. Microsoft has apologized, blaming a misconfiguration of security rules. Security expert says the exposed data would have been of limited use to hackers, but overall, the risk is low. Microsoft says the investigation had not uncovered signs of malicious use, and it noted that most of the personal data had been redacted.”]
Source: https://www.govinfosecurity.com/microsoft-error-exposed-250-million-elasticsearch-records-a-13639