BlueBleed: Microsoft customer data leak claimed to be ‘one of the largest’ in years

Microsoft has confirmed a data leak linked to a misconfigured server for a cloud storage service but is disputing the extent of the problem.

In a revelation this week, Microsoft’s Security Response Center said the cloud provider was notified by threat intelligence firm SOCRadar on September 24 about the misconfigured endpoint that exposed business transaction data related to interactions between Microsoft and customers.

The information included planning or potential implementation and provisioning of Microsoft services, according to MSRC. Once notified, Microsoft secured the endpoint, which now can only be accessed through required authentication.

Microsoft disputed SOCRadar’s description of the extent of the leak, which it said involved business transaction data like names, email address, email content, company names, and phone numbers and may also include attached files linked to business “Between a customer and Microsoft or an authorized Microsoft partner.”

SOCRadar researchers said misconfigured servers are among the top causes of data leaks and, pointing to the SANS 2022 Top New Attacks and Threat Report, added that data exfiltration from cloud storage is a common attack avenue.

In an email to The Register, Erich Kron, security awareness advocate for cybersecurity firm KnowBe4, said that some of the data exposed may seem trivial, but that if SOCRadar’s information is correct, “It could include some sensitive information about the infrastructure and network configuration of potential customers. This information could be valuable to potential attackers who may be looking for vulnerabilities within one of these organizations’ networks.”

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us About your Needs
Get an Answer the Same Business Day

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

A Vumetric expert will contact you to learn more about your cybersecurity needs and goals.

The project's scope will be defined (Target environment, deadlines, requirements, etc.)

A detailed quote including all-inclusive pricing and statement of work is sent to you.

This field is for validation purposes and should be left unchanged.


Everything You Need to Know

Gain confidence in your future cybersecurity assessments by learning to effectively plan, scope and execute projects.


Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g:,, etc.)

This site is registered on as a development site. Switch to a production site key to remove this banner.