Docs.com, a free document-sharing service from Microsoft, allowed anyone to search and view documents shared by users, unbeknownst to many of those users who believed their documents were private.

The issue allowed anyone, including a number of security researchers who discovered the problem, to find documents uploaded to Docs.com by Microsoft Office 365 users—including files that contained sensitive and personal information.

Read: Weak MacKeeper Security Exposes At Least 13 Million Users' Sensitive Information

Among the files found were documents that included passwords, accounts names, social security numbers, bank accounts, medical information and employee data from businesses—all by simply searching for those terms using the search bar on the Docs.com homepage.

In response to the initial discovery made by security researcher Kevin Beaumont, Microsoft removed the search feature from the landing page for Docs.com. The bar was still accessible throughout the rest of the site, and has since returned to the homepage.

More troublesome is the fact the documents have been indexed by search engines. This means the documents are discoverable via Google, Bing and other search engines—and will continue to be until the documents are removed from Docs.com.

Microsoft has since committed to alerting users who have uploaded personal information to the service, but does not appear interested in changing functionality for Docs.com, which has the tagline “Share your work with the world.”

“Docs.com lets customers showcase and share their documents with the world. As part of our commitment to protect customers, we're taking steps to help those who may have inadvertently published documents with sensitive information. Customers can review and update their settings by logging into their account at www.docs.com,” a spokesperson for Microsoft told Ars Technica.

Read: How To Protect Your Browsing History: Internet Service Providers Argue Against Your Privacy

A support document from Microsoft advised users on how to control access to documents hosted by the Docs.com service. According to the document, "because Docs.com does not yet meet all of Office 365 compliance framework requirements, Office 365 and Azure Tenant administrators must 'opt-in' to enable users with organizational accounts to use the service.”

How To Make Docs.com Files Private

Because Docs.com is intended to allow users to host sharable files—not serve as a cloud storage solution like Google Docs or Dropbox—files are set to appear public by default.

The privacy settings of an individual document can be changed by scrolling down the left-hand navigation bar. Under the heading “Visibility,” users will be able to see the privacy setting for the document.

The default setting is “public on the web,” which allows anyone to search for and find the document. By clicking the menu under visibility, users have the option to choose the “Limited” setting, which only allows select people with a direct link to the document to view it.

If a user clicks the save button with the “public on the web” option selected, they will be presented with a pop-up notification that reads, “You are making your document publicly available on the web so search engines can find it. Make sure it doesn't contain private information that you don't want to share.”