The software and electronic brand Microsoft errantly exposed more than 40 million records containing sensitive information during a recent breach. The company has not revealed the exact length of time the information in question was displayed to digital miscreants. However, Microsoft representatives have stated the information was made available long enough for hackers to use it to open new accounts in targets' names and use their identities for other illegal purposes.
Though Microsoft representatives have not stated precisely what caused the sensitive data to be exposed, the company has let on that the careless preparation of power app configurations caused the breach. It appears that the Apps platform was not configured properly, ultimately forcing users to configure information as either public or private. The personal information linked to the records described above will likely lead to identity theft.
This breach occurred in August 2021.
The data leak impacts clients of the company and customers of those clients. The information plucked from the company’s systems includes that pertaining to corporate clients that serve millions of people. The data exposed to hackers ranges from customer email addresses to social security numbers, coronavirus vaccination records, and more. Examples of those organizations include Ford, American Airlines, Departments of Health, and public school systems.
The breach impacts nearly 50 of Microsoft's clients. All in all, between 30 million and 40 million customers of those companies were affected. It appears as though the exact figure is around 38 million. To find out more, read Users' Data is leaked by Microsoft Power Apps.