Exploit: Misconfiguration
Microsoft: Software Developer
Risk to Business: 2.801 = Moderate The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.
Individual Risk: 2.727 = Moderate Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Human error is still the biggest cause of a data breach and this is one mistake goes to show that applies to every business – even the big dogs can fumble once in a while.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
