Monday, January 25, 20:36
Home security Microsoft "secures" the backend server that leaked Bing data

Microsoft "secures" the backend server that leaked Bing data

Microsoft encountered a rare error earlier this month when department staff IT of the company accidentally left one of Bing's backend servers exposed on the internet.

The server was discovered by Ata Hakcil, a security researcher at WizCase, who shared his findings exclusively with ZDNet last week.

According to Hakcil's research, the server is believed to have exposed more than 6,5 TB records containing 13 billion archives coming from the Bing search engine.

The Wizcase researcher was able to verify the foundings by locating in the server logs various search queries he did in Android Bing application.

Microsoft backend server data Bing

Hakcil said the server was exposed online from September 10 to September 16, which alerted the Microsoft Security Response Center (MSRC), and that the post server was secured with a password.

Last week, Microsoft admitted its mistake.

"We've fixed a configuration that caused a small amount of search query data to be reported," a Microsoft spokesman said last week.

"After the analysis, we found that the exposed data was limited and undefined."

ZDNet, which was given access to the server while exposed to the Internet without password, can confirm that no personal user information has been exposed.

Instead, the server reported technical details, such as search queries, user system details (device, operating system, Browser etc.), geographical location details (where available) and various Tokens, hashes, and coupon codes.

The server is Elasticsearch. Its servers Elasticsearch are high systems quality where companies collect large quantities data for easy searching and filtering of billions of records.

Over the past four years, Elasticsearch servers have often been the source of many random data leaks.

The reasons vary and can vary from administrators who forget to set a password, the firewalls or systems VPN that suddenly "fall" and expose a company's internal servers.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...

SpaceX launched 143 satellites simultaneously

SpaceX broke every record with its last spacecraft mission into orbit. The company successfully launched the Transporter-1 mission ...

Sony may resurrect the Xperia Compact to compete with Apple

Have you seen the iPhone 12 mini and wish there was an Android equivalent to this small but powerful smartphone? Can the desire ...

Artificial intelligence (AI) may one day be used against us

AI algorithms offer us the news we read, the ads we see, and in some cases even drive cars ...