Microsoft Notifies BPOS Cloud Customers of Breach
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Microsoft Notifies BPOS Cloud Customers of Breach

Written By
Brian Prince
Brian Prince
Dec 24, 2010
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

A configuration error recently exposed corporate data belonging to customers of Microsoft’s cloud-based Business Productivity Online Suite.

BPOS is a set of messaging and collaboration tools that includes Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft Office Communications Online and Office Live Meeting. According to the company, the configuration issue exposed information in customers’ Offline Address Books, a feature in Exchange that permits Outlook users to access copies of e-mail addresses when users are not connected to Exchange.

Microsoft confirmed the breach in a statement and said the problem was fixed within two hours of discovery. The company did not say exactly how long the error existed, but stated that only a limited number of improper downloads took place. According to Clint Patterson, Microsoft’s director of BPOS Communications, the issue only affected Business Productivity Online Suite-Standard customers; no other Microsoft Online Services were impacted.

“Our records indicate that a very small number of downloads actually occurred, and we are working with those few customers to remove the files,” he said in a statement. “This issue applied to Offline Address Book information only, and no other information was affected. Offline Address Book contains an organization’s business contact information for employees. It does not contain Outlook personal contacts, e-mail, documents or other types of information.”

Still, the data breach is a “stark reminder” that companies putting sensitive data in the cloud need to ensure they are implementing sound security and risk management strategies to protect that information from being accessed by unauthorized users, said Kurt Johnson, vice president of strategy and corporate development at Courion.

“The cloud introduces new risks that could potentially impact overall data security,” he said. “This includes issues that may inadvertently, as in this case, provide access to unauthorized users. This is often overlooked by companies and is something that is critical to proper data protection.”

“We take our responsibility to safeguard customer data very seriously, and while no customer action is required, we have notified all our Business Productivity Online Suite-Standard customers about this issue,” Patterson said.
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information