Microsoft has confirmed that some of its customers’ personal information has been exposed by an unintentionally misconfigured server that allowed unauthenticated access to business transaction data.