“Our records indicate that a very small number of downloads actually occurred, and we are working with those few customers to remove the files,” he said in a statement. “This issue applied to Offline Address Book information only, and no other information was affected. Offline Address Book contains an organization’s business contact information for employees. It does not contain Outlook personal contacts, e-mail, documents or other types of information.”
The statement above was done by Clint Patterson, Microsoft’s director of BPOS Communications last week.
Apparently the offline address book of Exchange Online could be inadvertently downloaded by other customers of the service. No emails or any other information was at risk at any moment.
Microsoft claimed the issue was resolved within two hours of being discovered. However, during this time "a very small number" of illegitimate downloads occurred. "We are working with those few customers to remove the files," Patterson said.
Only customers of BPOS Standard were affected, showing us both the dangers of a cloud and a shared environment.
Don’t get me wrong, I am a fan of cloud computing, but a shared environment of identity information introduces risks – as shown here.