Microsoft Data Breaches History & Full Timeline Up To 2022

Last Updated: August 7, 2022
In this article, we will take a look at all the data breaches Microsoft has experienced over the years, along with a full history and timeline of Microsoft data breaches. Let’s dig right into it!

Microsoft has become an industry standard when it comes to professional software solutions and apps.

However, it seems like the security and encryption standards are not up to the mark since there is a long list of data breaches associated with Microsoft.

Recently, in March 2022, a Microsoft data breach by the Lapsus$ group compromised Cortana and Bing.

For this reason, it’s important to be aware of the Microsoft data breach timeline if you are a Microsoft product user.

March 2022 – Breached By Lapsus$ Group

On March 20th, 2022, the Lapsus$ group shared a snapshot on its Telegram channel showing that it had breached Microsoft.

The snapshot was of Azure DevOps, Microsoft’s collaboration software, and it indicated that Cortana, Bing, and other projects were compromised in the breach.

On March 22nd, 2022, Microsoft published a statement confirming the attack.

The statement also shared that no customer data was compromised.

According to the company, only one account was hijacked, and the security team managed to stop the attack before the hacking group could infiltrate deeper into Microsoft accounts.

As far as Lapsus$ is concerned, they hijacked the accounts for financial reasons, and no politics were involved.

August 2021 – Misconfiguration In Power Apps

The misconfiguration of Microsoft Power apps resulted in an enormous data leak as the portal settings weren’t correct.

According to the company, around 38 million records were exposed when over 47 companies had stored their data on publicly accessible platforms.

Some of these companies included Ford Motors, New York MTA, and American Airlines, which is why the data format and nature were different.

For instance, some data was related to employee information, while COVID-19 testing, vaccination, and tracing information was also leaked.

Sensitive personal information was leaked as well, such as social security numbers, demographic information, addresses, full names, and dates of birth.

This Microsoft data breach was identified by UpGuard, which is a well-known cybersecurity firm.

It’s not certain if the information was accessed by hackers before companies addressed the data leak.

The misconfiguration was caused by third-party companies and was not Microsoft’s fault.

However, Microsoft published the documentation to prevent public access to the data but the public feels that technical documents aren’t sufficient.

August 2021 – Leaking Of Microsoft Azure Database & Customer Accounts

According to Wiz’s security professionals, they were successful in accessing the database and customer accounts of Microsoft Azure back in August 2021.

In particular, the data included the records of various Fortune 500 companies.

According to Wiz, they were only researching the system and identified vulnerabilities in the Azure database.

The researchers managed to gain complete access to data through these vulnerabilities, such as customer account data and an array of databases.

However, it’s not certain if the data was accessed by any third party except Wiz researchers.

This Microsoft data breach was completely Microsoft’s fault as Cosmos DB’s flaws resulted in a loophole, which allowed access to the database.

In addition, the researchers could delete, alter, and download the information stored in the database. 

April 2021 – Data Of 500 Million LinkedIn Users Was Scraped & Sold

Another Microsoft data breach included the scraping and selling of LinkedIn data of over 500 million users.

In particular, the personal data from these accounts was put up for sale on a hacker forum in April 2021.

According to the Business Insider’s representative, the data was scraped from the public data on LinkedIn, which included the contact numbers and email addresses. 

January 2021 – More Than 60,000 Hacks Caused By Vulnerability In Microsoft Exchange Server

This is one of the most extensive security incidents, in which more than 60,000 hacking attempts were made on Microsoft Exchange Servers; these attempts affected more than 30,000 American companies and 60,000 global companies.

This Microsoft data breach was identified in January 2021, when a security specialist noticed irregular activity on a Microsoft Exchange Server.

In particular, someone was downloading emails on the server, and when the investigation was carried out, there were more requests for accessing the confidential files and emails.

The four zero-day vulnerabilities allowed unauthorized access to the data and allowed the unauthorized parties to access the system backdoors, hijack the servers, and arrange malware attacks.

Microsoft was quick in patching the vulnerable parts of the system but the system security was dependent on the server owners.

This is because if proper updates were not applied, the hacking issue remained the same, resulting in more hacking attempts.

The reports haven’t specified the total damage caused by the Microsoft data breach but the Biden administration blamed China as some attacks originated in Hafnium, China. 

December 2020 – Malicious Updates Targeted On Microsoft & SolarWinds Customers

SolarWinds is a well-known infrastructure management and monitoring software and its vulnerabilities were misused by Russian hackers back in December 2020.

The attackers managed to access the SolarWinds system, which allowed them to use the build features.

Then, the hackers deployed malicious updates to more than 18,000 customers with a supply chain attack, which helped them access the customer data, network, and systems.

When the hackers found access to customer networks, they utilized customer systems for launching more attacks.

Moreover, the attackers/hackers impersonated the users to access files.

Microsoft was one of the targeted customers, which led to hacking activities on the Microsoft system. As a result, the attackers managed to access the Microsoft users’ data.

This was a wide-ranging attack because various government agencies, such as the Department of Justice, Department of Homeland Security, FAA, and Department of Defense, were affected by it.

This Microsoft data breach was acknowledged by Microsoft and their statement showed that the hackers used a special malware to steal data from the computers of customer service agents. 

December 2019 – More Than 250 Million Customer Records Were Exposed

Back in January 2020, news surfaced of a misconfigured Microsoft customer support database, through which more than 250 million customer records were exposed.

The database was not protected by passwords for over one month, which made the data accessible to anyone who had a web browser.

The exposed data included email addresses, IP addresses, and geographic and demographic data.

The primary concern associated with this Microsoft data breach was that the customers became targets of scammers because the data made it easier for scammers to impersonate the Microsoft customer support personnel.

The compromised database included the records from 2005 to 2019. 

April 2019 – Support Agent Credentials Were Compromised

This Microsoft data breach was caused when hackers managed to acquire the credentials of customer service agents in April 2019, with which they gained access to the webmail accounts.

It included the @hotmail.com, @outlook.com, and @msn.com accounts.

These credentials allowed the attackers to access the limited dataset, including folder names, subject lines, and email addresses.

At this point, it isn’t certain how many accounts were compromised but Microsoft stated a limited number.

In addition, Microsoft assured that the login credentials, attachments, and email content were not compromised. 

November 2016 – Skype Accounts Were Hacked For Sending Spam Messages

News of spam messages sent over Microsoft Skype broke in November 2016. These messages were sent through hacked accounts, even when the accounts had two-factor authentication enabled.

Microsoft stated that there was no breach on its side and that the attackers used login credentials stolen from other sources to access the Skype accounts.

However, the failure of two-factor authentication makes Microsoft a part of the hacking attempt.

In addition, this Microsoft data breach was amplified by the sign-in system which allowed the users to link their Skype and Microsoft accounts.

This is because the previous Skype passwords were stored, which allowed hackers to sign in to Skype from other devices. 

May 2016 – Over 33 Million Hotmail Credentials Were Put Up For Sale

The security experts of Microsoft identified the data cache that had over 272.3 million account credentials.

The majority of credentials were of the Russian email service but around 33 million credentials were related to Microsoft Hotmail accounts.

This Microsoft data breach was one of the biggest ones and became public when a Russian hacker discussed this data on an online forum.

October 2013 – The Internal Bug-Tracking Database of Microsoft Was Compromised

The news about the compromised internal database of Microsoft broke in October 2017 – this database was used to track bugs and errors in the Microsoft software and products.

The actual attack happened in 2013 but the intensity of the breach was not disclosed to the public. 

However, some Microsoft employees have stated that the database included information about current loopholes in Microsoft products, including the operating system.

The database information was enough to create hacking tools for breaking into the systems; it would allow the hackers to target millions of devices. 

March 2013 – Credentials Of 3,000 Xbox Users Were Exposed

Around three thousand Xbox Live users had their login credentials exposed when they entered a poll for a prize draw.

The information included the users’ names, emails, gamer tags, and birthdays; the information was published online and wasn’t accessible through hacks.

However, it’s uncertain if the data was actually captured by the attackers or not. 

June 2012 – The Malware Was Sent To Computers Disguised As Microsoft Update

Back in June 2012, the hackers infiltrated hundreds of computers by distributing the malware as a legit Microsoft update.

In fact, the malware also created a rogue certificate, which exploited the Microsoft algorithm that was used for setting up a remote desktop.

According to the company, fewer than one thousand computers were compromised.

2011 To 2013 – Xbox Underground Hacked Microsoft Repeatedly

Xbox Underground is a hacking group, which hacked Microsoft systems multiple times between 2011 and 2013.

The group managed to access the computer networks and credentials for getting into the development kits and secured buildings.

In addition, Xbox Underground breached other developer systems, particularly the ones operated by the Zombie Studios.

Various members of the group were indicted on the matter and David Pokora became the first hacker to receive a jail sentence in the U.S. (the first foreign hacker).

As far as the imprisonment is concerned, he was in jail from 2014 to July 2015 for this Microsoft data breach. 

December 2010 – The Microsoft BPOS Data Leak

According to a statement passed by Microsoft in December 2010, the BPOS leak allowed users to access the data of other customers.

The configuration error allowed the customers to access the offline address books, which included the contact information of employees.

According to the company, a very limited number of customers were impacted by this error and everything was fixed within two hours.

January 2010 – Zero-Day Flaw Of Microsoft Internet Explorer Resulted In Major American Companies’ Breach

A zero-day flaw in Internet Explorer was exploited to breach American companies, such as Google and Adobe.

The hackers managed to gain the privileges of an authorized user, with which the hackers took full control of the system.

In addition, the hackers could see, remove, and alter the data while creating new accounts.

With this flaw, the hackers managed to download malware into the computer system of Google, which allowed them to access proprietary information.

The real issue is that Microsoft was aware of the security loophole and they wanted to fix it with the Internet Explorer update, which was scheduled for later.

However, this breach accelerated the launch of an update.

Ways To Avoid Security Breaches

Microsoft has had a tough decade with repetitive breaches.

However, as a user, there are various ways you can try to remain protected from the adverse impacts of security breaches.

For instance, you need to avoid downloading videos and music from rogue sources and it’s important to understand the current data and categorize it on cloud platforms.

Keep in mind that your computer shouldn’t have all the sensitive information stored in one folder to minimize data loss in case of a breach.

Last but not least, always use the remote wipe feature, so you can delete the data from your system even if you cannot access it physically. 

Written by Trevor Cooke

The only safe internet is a private internet. You’ll see me at parties talking about cybersecurity, privacy, and VPNs. Yes, I’m that guy.