Microsoft Data Breach Exposes 38M Records Containing PII | TechTarget. A Microsoft Power Apps data breach exposed 38M records containing PII and impacted 47 organizations, including some governmental public health agencies. A Microsoft Power Apps data breach exposed 38 million records containing personally identifiable information (PII), according to a report from cybersecurity company UpGuard. The data breach impacted 47 organizations across multiple industries, including some governmental public health agencies. On May 24, 2021, an UpGuard analyst discovered that the Open Data Protocols (OData) API for an organization’s Power Apps portal that contained an anonymously accessible list of data. The exposed PII included names, COVID-19 contact tracing information, vaccination appointments, Social Security numbers, employee IDs, and email addresses. Third-party company: Microsoft.