top | item 35706247

(no title)

This reminds me of a case I saw a couple of years, working for a company that delivered a document software. We had documents accessible through the web, open, but with a obfuscated URL, as a good amount of other companies in similar spaces. One morning we found a good amount of documents indexed in Bing, as well as invoices from some of Norways largest credit card companies, e-invoice suppliers etc.

We never got to the bottom of how it happened, but our theory was that Edge would send browsing history back to MS; and MS/Bing would index based on this. So this seems to be a practice that has been going on for a long time

Some old articles about it: https://www-nrk-no.translate.goog/norge/fodselsnummer-fra-br... https://www-nrk-no.translate.goog/norge/felleskjopet-beklage...

discuss

senorrib|2 years ago

The fault here obviously doesn't fall exclusively on Microsoft. Security by obscurity was never an effective method.