Exploit: Misconfiguration
Microsoft: Software Developer
Risk to Business: 2.801 = Moderate
The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.
Individual Risk: 2.727 = Moderate
Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Human error is still the biggest cause of a data breach and this is one mistake goes to show that applies to every business – even the big dogs can fumble once in a while.
Source: Bleeping Computer