Microsoft said: "As part of our commitment to protect customers, we're taking steps to help those who may have inadvertently published documents with sensitive information."
Yep, be sure to blame the customers....
Although to be fair, if you're going to store "sensitive data", you should probably check whether the service defaults to "public" .. even if that is a dumb default.