A computer security researcher known for discovering serious leaks of private information at major U.S. companies has found one at Microsoft Corp."s Web site. The researcher showed MSNBC.com several screen shots he had taken revealing Microsoft customer addresses, phone numbers, and what they ordered. Microsoft admitted the exposure and said it had immediately corrected the problem.
It was not clear how many records the researcher accessed, or which Microsoft customers were affected — but the list was apparently sizeable. "Well, this information is alarmingly accurate," said one customer when informed of the data found by the researcher. The customer, who asked his name be withheld, had placed an order Dec. 29 for a free CD-ROM full of programs for his brand-new Journada, a Christmas gift. Other order snapshots provided to MSNBC.com show pricey orders for Microsoft Software Developer Network CD-Roms — with price tags of up to $2,500 — placed by a Hewlett Packard employee and a worker at Verticalworks.com.
News source: MSNBC