Office 365 Inadvertent Data Breach

Cloud storage is great, but added care needs to be taken when you are entrusting your data to another organisation.

Earlier this week it was reported that confidential documents which included passwords, credit card details, health data and legal documents were accidentally shared by organisations using Microsoft’s Office 365 service.
It was found that when using the search feature in, users could find numerous files that people had uploaded and thought were private.

Why Did it Happen?

The problem arose because the default uploading setting in is to make data publicly accessible. Quite why Microsoft thought this was a good idea, we can only guess, but it has clearly resulted in a large data breach. Microsoft has said it is taking action to resolve this, but it is a bit late because the data has already been exposed.
With all the data we use, there has to be an understanding that when certain types of storage are used, the security of the data may be compromised. In this instance, it appears to be a setting that many users were not aware of, but it shows how one small error can allow a very serious data breach. In May 2018, the General Data Protection Regulation (GDPR) will come into force and instances like this could cause severe consequences for all involved. We will be covering GDPR and the implications of the legislation in a later blog.
For any organisation, data security must be an unquestioned priority.
Please talk to us if you require more information about data security.