• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Saturday, July 11, 2026
  • Login
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home News

Microsoft Power Apps faced multiple leaks, data of 38 million users exposed

by Manasi Varma
August 24, 2021
in News, World
Reading Time: 2 mins read
0
Microsoft 38 million users
TwitterWhatsappLinkedin

You might also like

Weekly Tech Updates: Everything from the AI Race to Truecaller’s TRAI Dispute

Weekly Business News: Everything from Adani’s Low Carbon Bet to NMDC’s Iron Ore Price Cut

Indian Startups Raise $219.2 Mn in a Week as Late-Stage Investments Drive Funding Momentum

An UpGuard Research team has found a security flaw in Microsoft Power Apps portals, which are said to have faced multiple leaks, exposed the data from as many as 38 million users. As per a report by the team, at least 47 entities have become victims of data breaches, owing to a vulnerability in the Microsoft portals. The Power Apps portals, which all access by the general public as well as firms and governments, were found to be harboring a “new vector of data exposure.”

Microsoft 38 million users
Image Credits: YouTube

The leaked data has apparently affected “governmental bodies” in multiple states, like Maryland, New York City, and Indiana. Private companies, like J.B Hunt, American Airlines, and even Microsoft itself, were also hit.

Specific Permissions Tampered With

Many entities use the Microsoft Power Apps portals to make “low code” apps, that are compatible with cloud services. The data stored on the same can be shared with both internal an external users, with data visibility to individual visitors being controlled through “specific permissions.” It is these permissions that were found to be harboring the permissions, say analysts.

As per the reports, due to the vulnerability, access to certain data that was meant only for authorized personnel, became available to anonymous users as well. The same occurred because an OData (Open Data Protocol) API was not functioning correctly.

In hindsight, the OData API is used to retrieve data from lists in Power Apps, with the lists in turn being derived from tables, which require “Table Permissions” to allow for the data to be shared. The API works securely only when two checks are in place. The first is that Table Permissions should be configured for the very Table from which the data is to be sourced. The second requires the Enable Table Permissions Boolean value to be set to “TRUE” on the list. Apparently, at least one of these checks were not configured, allowing anonymous users to access the data.

Poor Data Security

Interestingly, the report also notes that though many security reviews have been carried out into Microsoft Power Apps, they have failed to provide knowledge about the issue. Moreover, their very impact has not been publicized, and nor are they “adequately studied.”

However, this time around, the data has been risk has been identified, and shared in Power Apps’ product documentation. At the same time, UpGuard warns that a mere warning is not enough to avoid the “serious consequences.”

Tags: American AirlinesMicrosoftMicrosoft Power Apps
Tweet54SendShare15
Previous Post

Delhi court ordered police to probe Paytm ownership case in three weeks

Next Post

How to upload photos to iCloud

Manasi Varma

A 20-something year old with a flair for writing, a love for reading, and an obsession for KPop. Most amicable person you'll ever meet.

Recommended For You

Weekly Tech Updates: Everything from the AI Race to Truecaller’s TRAI Dispute

by Ishaan Negi
July 10, 2026
0
Weekly Tech Updates: Everything from Cloudfare Outage to X’s ‘Chat’ Debut

The tech world had another action-packed week, with AI giants, smartphone makers, and regulators all making major moves. OpenAI vs Anthropic: The AI Race Gets Even Tighter The...

Read more

Weekly Business News: Everything from Adani’s Low Carbon Bet to NMDC’s Iron Ore Price Cut

by Ishaan Negi
July 10, 2026
0
Weekly Business News: Top business updates in this week

Catch up on the week's most important business headlines, featuring key developments in industry, policy, technology, and global trade. Adani Enterprises Enters Chemicals with Low-Carbon Manufacturing Push Adani...

Read more

Indian Startups Raise $219.2 Mn in a Week as Late-Stage Investments Drive Funding Momentum

by Ishaan Negi
July 10, 2026
0
Weekly Startup Funding News: Indian startups raised $196 Mn this week; from Emiza to Leap

India's startup funding ecosystem showed renewed strength during the week ended July 9, with startups collectively raising $219.2 million across 18 funding rounds. The total marks a 28.3%...

Read more
Next Post
How to upload photos to iCloud

How to upload photos to iCloud

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at info@techstory.in

Advertise With Us

Reach out at - info@techstory.in

Aviator Game India 2026

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple Artificial Intelligence bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News OpenAI samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2025 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2025 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?