A bug in Microsoft partner portal ‘exposes ‘ support requests to all partners, fortunately, no customer data was exposed.
The Register in exclusive reported that Microsoft partner portal ‘exposed ‘every’ support request filed worldwide.’ Tickets submitted from all over the world were exposed to all Microsoft support partners due to the glitch.
“At the moment in the Microsoft Partner Portal you can see every ticket title for every support request worldwide!” Stuart Crane of IT biz Everon told The Register.
“Another Microsoft small biz specialist contacted us to say “Logged on to my Microsoft Partner portal to check status of a ticket I have open with them only to see lots of tickets which are not ours”.” reported The Register.
According to another Microsoft partner quoted by The Register, the bug exposed case number and title of the tickers, but not their content. This means that the problem will not cause Microsoft big problems with data protection laws or watchdogs.
Microsoft quickly addressed the flaw and downplayed the issue explaining that only a limited number of features in the Partner Centre portal were affected.
“We’ve addressed an issue that impacted a small subset of functions on our Partner Centre portal and we’re working to restore normal operation.” said a spokesperson for Microsoft.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.