BlackCSI Blog

BlackCSI has been serving the Pennsylvania area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Microsoft Dealing with Major Data Leak

Microsoft Dealing with Major Data Leak

Incorrect configurations on your infrastructure’s hardware are surprisingly easy mistakes to make, and even worse, they can have severe security ramifications if they are not discovered promptly. It can happen to anyone, as evidenced by a recent data leak. One of the most popular software developers out there, Microsoft, made a pretty nasty blunder with one particular setting that led to a huge data leak that could have exposed millions of records.

This data leak affected users of Microsoft’s Power Apps, which is a software used by many companies and organizations to share data. Power Apps is used by big-name organizations and agencies like American Airlines, Maryland’s health department, and New York’s Metropolitan Transport Authority. This data leak was discovered by cybersecurity researchers at UpGuard. After identifying that the data leak was a potential security issue, UpGuard notified Microsoft about it.

Thankfully, the issue was promptly resolved, but while the data leak was active, sensitive information like names, Social Security numbers, phone numbers, dates of birth, vaccination records, demographic information, and more was left unsecured. While there is no indication that this information was accessed in any improper way, the fact remains that it was unsecured for an extended period of time and, therefore, vulnerable to attack.

The most unbelievable part of this whole issue is that Microsoft claims that the application was working as intended, which means that the default settings for the software were configured in such a way that this private or sensitive data were unsecured. Microsoft has adjusted the default settings so that there is greater privacy, but they have yet to comment on why it was such a problem in the first place.

You can never be too careful when it comes to your business’ sensitive information, as even the solutions that you believe are properly secured could eventually create a data leak if improperly configured. A security audit might be an effective way to identify these issues, but the fact of the matter is that nobody will find a leak they are not actively looking for, hence why this particular leak occurred and went undetected for so long. People simply had no reason to look for it at first.

BlackCSI wants to help your business ensure that all of the tools you use are not putting your sensitive information at odds or at risk. We can monitor your network for inconsistencies and make sure your solutions are properly configured right from the implementation step.

To learn more, contact us at (717) 620-3042.

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Improve Your Business’ Wi-Fi Connection with These...
Windows 8.1 Is Running Out of Time. Here’s What Yo...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, June 28, 2022

Captcha Image

Latest News & Events

BlackCSI, a leading managed technology services provider (MTSP), announced today that the company is helping business securely manage their Apple devices, Mac OS, iPads and iPhones with a cloud-based managed IT services tool. 

Latest Blog

The modern business is faced with countless challenges that threaten its existence, many of which stem from the problems associated with network security. If a business doesn’t have policies, procedures, and solutions in place that protect ...

Contact Us

Learn more about what BlackCSI
can do for your business.

(717) 620-3042

507 N. York Street
Mechanicsburg, Pennsylvania 17055