Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in December 2019. The data was accessible to anyone with a browser, who knew the server location, for about a month in total before an external researcher detected the problem.
The database held records of customer support engagements dating back to 2005. Once alerted, Microsoft quickly closed the hole, investigated the breach, communicated to customers, and graciously thanked the security researchers.
