Microsoft AI researchers accidentally leaked 38TB data online; Includes passwords, secret keys, more | Tech News
Home Tech Tech News Microsoft AI researchers accidentally leaked 38TB data online; Includes passwords, secret keys, more

Microsoft AI researchers accidentally leaked 38TB data online; Includes passwords, secret keys, more

Data including passwords to Microsoft’s services, and secret keys along with over 30000 MS Teams messages was inadvertently leaked online by the company’s researchers.

By: HT TECH
| Updated on: Sep 19 2023, 16:59 IST
Icon
Now, get AI-powered content creation in Microsoft Teams with Typeface app
image caption
1/4 Bridging the Gap with Typeface's AI: Typeface produces tailored content, adapting images and copy for distinct target audiences. With easy modifications and agile workflows, users can effortlessly iterate content for diverse marketing initiatives.   (Microsoft)
image caption
2/4 Typeface integration into Microsoft Teams: Its presence within Microsoft Teams enhances collaborative productivity. Typeface Flow offers seamless access within Teams, aligning content creation with user workflows.    (Microsoft)
image caption
3/4 Optimizing Typeface for Teams: The Typeface Teams app adds exclusive functionalities. Users benefit from individual ideation within Teams, fostering personalized brainstorming experiences. Typeface's message extensions facilitate collaborative content utilization, from drafting blogs to enhancing video content.   (Microsoft)
Microsoft
4/4 Typeface for Teams excels in ideation and collaboration, merging generative AI's agility with the power of cohesive Teams environments.   (REUTERS)
Microsoft
icon View all Images
Nearly 38TB of Microsoft’s data was shared via a blob URL in a GitHub repository. (AP)

Cybersecurity is a big concern in 2023 for both individuals and enterprises, and it seems even big technology companies aren't safe from the prying eyes of hackers and cybercriminals. In a shocking development, almost 38TB of data was leaked online, albeit accidentally. While companies these days have several data protection policies and safeguards against data leaks from external threat actors in place, this data leak allegedly involved Microsoft employees. Here's what happened.

Big data leak

In a blog post, Microsoft announced that researchers at cloud security firm Wiz discovered that Microsoft's AI division researchers accidentally leaked 38TB of data while contributing to a GitHub repository involving the development of open-source AI models. Microsoft has emphasized that no customer data or any other internal service was put at risk, and no customer intervention is required. However, nearly 000 internal Microsoft Teams messages, secret keys, passwords for Microsoft's services, and other data were involved in the big data leak.

How did the leak occur?

According to a Coordinated Vulnerability Disclosure (CVD) report by Wiz, the data leak involved a Microsoft employee who accidentally shared a URL for a blob store while contributing to a public GitHub repository on the development of open-source AI models. This URL had a Microsoft Azure feature called Shared Access Signature (SAS) token for an internal storage account. “Like other secrets, SAS tokens should be created and managed properly”, Microsoft said.

While SAS links generally include access to only a select number of files, this link was configured in such a manner that it gave access to the entire account. It also granted “full control” permissions, allowing the user to edit the contents of the entire account, instead of just allowing read-only access. The access to the internal storage account was inadvertently included in the blob URL, it contained the backups of workstation profiles of two former Microsoft employees, including their passwords, as well as thousands of Teams messages with their colleagues.

The research team was able to access this account with the SAS token, and this massive security issue was then reported to the Microsoft Security Response Center (MSRC). Following this, all external access to the storage account was revoked.

Microsoft said, “Additional investigation then took place to understand any potential impact to our customers and/or business continuity. Our investigation concluded that there was no risk to customers as a result of this exposure.”

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 19 Sep, 16:58 IST
Trending: bored of your instagram explore feed? here’s how you can change, reset it ipad air 2024 may skip mini-led display- here's what to expect from apple event on may 7 ios 18 release: launch timeline revealed ahead of apple wwdc 2024 - all the details how to view saved wifi password on android - with and without root chatgpt in iphones? apple renews talks with openai for adding generative ai features in ios 18 update ipad air 2024 launch: better camera, mini-led display and what more to expect from apple how to hide your instagram online status from others elon musk brings community notes to indian x users before elections- what is it and why is it important beware! your whatsapp account can be hacked easily; here’s how this cybcercrime works 20 years of mac os x: in pics
NEXT ARTICLE BEGINS

Tips & Tricks

iPhone travel hacks
iPhone tips: 6 useful features in iOS 17 to try during your next foreign vacation
Samsung_Galaxy_M55_5G_10_things_to_know_about_this
Samsung Galaxy M55 5G: 10 things to know about this mid-range smartphone
ash-lab-wuK7M2xH3WU-unsplash
iPhone 15 hidden features: How to take a passport photo on iPhone- 5 steps
Slide_1
5 films to watch on YouTube that are shot entirely on iPhone 15 Pro Max
GTA5_EIGHT
GTA Online: From competing in races to having a party, 7 things to do if you are bored

Editor’s Pick

OnePlus Nord CE 4 Review
OnePlus Nord CE 4 Review: No nonsense smartphone under 25,000
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Atomberg fan: What is BLDC tech? Top 5 Atomberg ceiling fans with best price
Best Atomberg ceiling fans (2024) for your modern home: BLDC tech, high speed, saves power bills
iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
LG Artcool AC launched
LG Artcool AC launched: Here are the latest LG air conditioner models in 2024 and all top features explained

Trending Stories

iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
iPhones
iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
Samsung Galaxy Unpacked event date tipped
Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
Apple's May event
iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
keep up with tech

Gaming

GTA 5 Meets Minecraft: Top 5 mods blend pixelated fun with Los Santos adventures in 2024
GTA 5 Meets Minecraft: Top 5 mods blend pixelated fun with Los Santos adventures in 2024
Garena Free Fire redeem codes for April 28
Garena Free Fire Redeem Codes for April 28: 3 essentials tips to improve gameplay
Garena Free Fire
Garena Free Fire MAX Redeem Codes for April 28: Scorching Ring event brings exciting bundles
Top 5 games to play with ChatGPT: Retro Adventures to PokedexGPT Pokemon battles
Top 5 games to play with ChatGPT: Retro Adventures to PokedexGPT Pokemon battles
Xbox Game Pass for free: Easy steps to unlock a month of hundreds of games without paying
Xbox Game Pass for free: Easy steps to unlock a month of hundreds of games without paying

Best Deals For You

Honor 90
5 best smartphones for your eyes: Xiaomi 13, Honor 90 to Motorola Edge Plus, check list
Redmi 13C 5G
Top 7 Redmi phones under 12000: From Redmi 13C to Redmi A2 - Know them all
360 Home Security Camera 2K
Valentine's Day Gift Ideas: Great options available in Xiaomi's gadget collection - check it out
PlayStation 5
5 best gaming consoles to buy right now: PlayStation 5, Xbox Series X and more
Samsung Galaxy A54 5G
Best phones under 40000: Check Techno Phantom X2, Samsung Galaxy A54, iQOO Neo 7 Pro, more

    Trending News

    iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
    iPhone 16 vs iPhone 15
    iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
    iPhones
    Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
    Samsung Galaxy Unpacked event date tipped
    iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
    Apple's May event
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean

    Trending Gadgets

    Mobiles Laptops Tablets