Microsoft Power Apps Data Breach

A Microsoft data breach has reportedly exposed almost 40 million records containing personally identifiable information (PII), Social Security numbers, employee IDs, and email addresses. The data breach has now impacted dozens of organizations across the country, including American Airlines, Ford, Maryland Department of Health, New York City Municipal Transportation Authority, and the state of Indiana.

On May 24, an UpGuard analyst discovered that the Open Data Protocols (OData) API for an organization’s Microsoft Power Apps portal that contained an anonymously accessible list of data.

On Microsoft Power Apps, users can enter, store and retrieve data from other applications. The service also allows organizations to publicly display Power Apps lists. But the software design has now left certain permissions vulnerable. When the configurations are not set properly, and the OData feed is enabled, anonymous users can access data.

The Lyon Firm is investigating Microsoft data breach claims and is actively involved in numerous data privacy cases and has experience filing data security claims on behalf of plaintiffs nationwide.

What Kind of Personal Data is Valuable?

Cybercriminals can use unique personal data for a number of fraudulent activities. Commonly stolen medical data can include:

• Names
• Phone Numbers
• Addresses
• Social Security numbers
• Financial information
• Health insurance IDs
• Driver’s License numbers

Microsoft Data Breach: Protect Yourself

After your data is stolen, you may always be at risk for future identity theft and fraud. But, you can protect yourself with identity theft coverage and subscribing to an ID Theft Recovery service.

It’s important to stay alert and watch for signs of illegal activity that uses your accounts. If you happen to see unusual activity, take the appropriate actions described above to help protect yourself. If you want more information on what to do when a data breach impacts you, call The Lyon Firm or visit the FTC identity theft website.

Remember that you are not the only victim of a data breach. There are millions of Americans who suffer from data privacy events, many of whom seek legal action for compensation and to hold companies accountable for negligent security systems.

If you want more information on current data breach litigation and how to file a data theft class action lawsuit, contact The Lyon Firm for a free Microsoft data breach case review.