Kerala Security Expert, Who Spotted Microsoft Bug Which Left 400 Million Accounts Vulnerable, Rewarded
Kerala Security Expert, Who Spotted Microsoft Bug Which Left 400 Million Accounts Vulnerable, Rewarded (Photo by David Ramos/Getty Images)

A Kerala-based techie and fellow researcher had found a series of vulnerabilities that could lead hackers accessing data of 400 million Microsoft accounts of Microsoft Outlook and Office 365.

Microsoft awarded Sahad NK, who is a security researcher at and colleague Paulos Yibelo with an undisclosed bounty for the discovery.

"Immediately after finding these vulnerabilities, we contacted Microsoft via their responsible disclosure programme and started working with them," said Sahad.

The bugs, which were reported earlier in June, were fixed by November end.

The proof of existing vulnerability was only made for Microsoft Outlook and Microsoft Sway but expected that it would have affected other accounts such as Microsoft store.

The security expert also discovered that the subdomain '' was misconfigured. He also found a bug in Microsoft Office, Store and Sway products

A string of bugs, when chained together just with a click of a link, an attacker can gain access to a Microsoft account.

A leading technology blog, TechCrunch, said, "Anyone's Office account, even enterprise and corporate accounts, including their email, documents and other files, could have been easily accessed by a malicious attacker, and it would have been near-impossible to discern from a legitimate user".

Sahad also won a bounty from Facebook for discovering a bug last year.

An Appeal...

Dear Reader,

As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.

Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.

We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.

Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.

Become A Patron
Become A Subscriber