Microsoft encountered a rare error earlier this month when department staff IT of the company accidentally left one of Bing's backend servers exposed on the internet.
The server was discovered by Ata Hakcil, a security researcher at WizCase, who shared his findings exclusively with ZDNet last week.
According to Hakcil's research, the server is believed to have exposed more than 6,5 TB records containing 13 billion archives coming from the Bing search engine.
The Wizcase researcher was able to verify the foundings by locating in the server logs various search queries he did in Android Bing application.
Hakcil said the server was exposed online from September 10 to September 16, which alerted the Microsoft Security Response Center (MSRC), and that the post server was secured with a password.
Last week, Microsoft admitted its mistake.
"We've fixed a configuration that caused a small amount of search query data to be reported," a Microsoft spokesman said last week.
"After the analysis, we found that the exposed data was limited and undefined."
ZDNet, which was given access to the server while exposed to the Internet without password, can confirm that no personal user information has been exposed.
Instead, the server reported technical details, such as search queries, user system details (device, operating system, Browser etc.), geographical location details (where available) and various Tokens, hashes, and coupon codes.
The server is Elasticsearch. Its servers Elasticsearch are high systems quality where companies collect large quantities data for easy searching and filtering of billions of records.
Over the past four years, Elasticsearch servers have often been the source of many random data leaks.
The reasons vary and can vary from administrators who forget to set a password, the firewalls or systems VPN that suddenly "fall" and expose a company's internal servers.
Greek
Chinese (Simplified)
English
Greek
Russian