An unsecured database has exposed sensitive data for users of Microsoft’s Bing search engine mobile application – including their location coordinates, search terms in clear text and more.

While no personal information, like names, were exposed, researchers with Wizcase argued that enough data was available that it would be possible to link these search queries and locations to user identities — giving bad actors information ripe for blackmail attacks, phishing scams and more.

The data was related to the mobile-app version of Microsoft Bing, housed in a 6.5 terabyte (TB) server owned by Microsoft. Researchers believe the server was password-protected until Sept. 10, two days before they uncovered the issue on Sept. 12. Microsoft was alerted to the exposed data on Sept. 13, and secured the server on Sept. 16.

#hacks #web security #cyber blackmail #cybercriminals #data exposed #exposed server #hack #meow attack #microsoft #microsoft bing #microsoft security #misconfiguration #phishing scams #search queries #security hack #unsecured server