Misconfigurations are unfortunately a common error across the industry. We have solutions to help prevent this kind of mistake, but unfortunately, they were not enabled for this database. As we’ve learned, it is good to periodically review your own configurations and ensure you are taking advantage of all protections available

.
...says Microsoft after admitting a data leakage that exposed 250 Million Call Center Records, that included Clients’ email addresses IP addresses, locations, descriptions of CSS claims and cases, Microsoft Support Agent emails, case numbers, resolutions and comments, Internal notes marked as “confidential", as well as phone conversations between service agents and customers dating back to 2005, all password-free and completely unprotected.

But don't worry "we are taking it seriously and [are] working diligently to learn and take action to prevent any future reoccurrence"

->Too late, Microsoft. Those pesky phone scammers that call themselves "Microsoft support" will surely get their hands on that jackpot, somehow... "Hello Sir, my name is Robert, I am from Microsoft and I would like to come back to support case #xxx... that we were working on last week, please allow me to start a remote session right away" :-(