You are here

Millions of Microsoft-stored data records mistakenly exposed

By AFP - Aug 24,2021 - Last updated at Aug 24,2021

SAN FRANCISCO — Some 38 million records stored on a Microsoft service, including private information, were mistakenly left exposed this year, security firm UpGuard said on Monday.

The data, including names, addresses, financial information and COVID-19 vaccination statuses, was made vulnerable — but not compromised — before the problem was resolved, according to the digital security company's investigation.

Among the 47 affected organisations were American Airlines, Ford, JB Hunt and public agencies such as the Maryland Department of Health and New York City's public transit system.

They all used a Microsoft product called Power Apps, which allows for the creation of websites and mobile apps to interact with the public.

The service's default software configuration setting meant the data of the affected organisations was left without protection up until June 2021, according to UpGuard.

 

up
31 users have voted, including you.


Newsletter

Get top stories and blog posts emailed to you each day.

PDF