A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records.
It’s the latest discovery by Dublin-based security researcher Aaron Costello, who previously discovered the health and personal details of over a million citizens had been accidentally exposed by Ireland’s HSE Covid vaccination portal.
As Costello explains in a blog post, misconfigured access controls in P