The latest news to rock the tech world relates to a breach of one of Microsoft’s databases. The tech company has officially confirmed one of its databases containing nearly 250 million records remained exposed over the internet for a few days of December 2019.
Microsoft says it has secured the exposed database as soon as the issue was highlighted by a consumer website. The database comprised of random conversation logs between Microsoft’s support staff and customers from all over the world.
The tech giant has reiterated that most of the personal information contained in those logs had already been removed by automated tools. While this comes as a sigh of relief, Microsoft admits some email IDs and IP addresses may not have been “cleansed” by its automated tools.
Microsoft claims to have found no evidence yet of any misuse of data over the exposed database. However, given the exposure remained unchecked for a few days, this cannot be guaranteed. Even if there is no actual misuse, it is widely suspected that spammers and malware propagators will try to capitalize over this incident.
As an end user, what’s most relevant for us is how we can remain protected from any imminent damage. Well, if you did not contact Microsoft support between the years 2005 and 2019, you are most likely not included in the affected database at all.
In case you were among the above mentioned pool, be prepared to receive unsolicited phishing emails from seemingly authentic Microsoft email IDs. Most of these emails will entice you to click on various links to secure your account from the effects of the recent data breach.
The safest bet in this situation is that you avoid replying to or clicking any link contained in these emails. The data breach is likely to be used by spammers to steal your login credentials or gain unauthorized access to personal data over your email account.
Be super watchful for any reference to your conversation with any of the Microsoft’s support staff as it may compel you to respond to or click a malicious link in such an email. Lastly, Microsoft has vowed to contact any affected individuals whose personal info could not be removed from its conversation logs.