Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records

A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records.

It’s the latest discovery by Dublin-based security researcher Aaron Costello, who previously discovered the health and personal details of over a million citizens had been accidentally exposed by Ireland’s HSE Covid vaccination portal.

As Costello explains in a blog post, misconfigured access controls in P