The researcher writes that the server stored over 6.5 TB of logs containing 13,000,000,000 entries received from a search engine. The specialist tested his theory on this matter very simply – he found his search queries in the logs, which he performed in the Bing app for Android.
Hakchil writes that the server was accessible over the Internet from September 10 to September 16, 2020, and when the specialist notified the Microsoft Security Response Center (MSRC) engineers about the problem, the server was again password protected.
Journalists of the edition ZDNet received a comment from Microsoft about the incident. The company assured that it corrected the misconfiguration immediately after receiving the notification from Hakchil, and also emphasized that a very limited amount of data was leaked that was not personalized.
The company even went to meet the publication and provided journalists with access to that very Elasticsearch server, so that they could see for themselves that there was no personal user data on the server and there was no one. ZDNet writes that the server really only contained technical details: search queries, information about the user's system (device, OS, browser, etc.), geographic location information (if available), as well as various tokens, hashes and coupon codes.