According to Upguard, incompetent default setups for Microsoft Power Apps have unveiled sensitive data like COVID-19 vaccination statuses, email addresses, and social security numbers.
Multiple data leaks were discovered by Upguard Research, exposing 38 million records via Microsoft Power Apps portals set to allow public access.
American Airlines, Microsoft, J.B. Hunt, and the governments of Indiana, Maryland, and New York City were all affected by the data breaches. Upguard detected the vulnerability using the ODdata API for a Power Apps portal on May 24 and reported it to Microsoft on June 24.
To Read More: ZDNet
For more such updates follow us on Google News ITsecuritywire News.