Security News > 2023 > September > White Hat Hackers Discover Microsoft Leak of 38TB of Internal Data Via Azure Storage
Microsoft has patched a vulnerability that exposed 38TB of private data from its AI research division.
The repository held 38TB of private data, secrets, private keys, passwords and the open-source AI training data.
Microsoft noted that no customer data was ever included in the information that was exposed, and that there was no risk of other Microsoft services being breached because of the AI data set.
What businesses can learn from the Microsoft data leak.
Wiz pointed out in its blog post, "Researchers collect and share massive amounts of external and internal data to construct the required training information for their AI models. This poses inherent security risks tied to high-scale data sharing."
In this case, the Microsoft researchers could have moved the public AI data set to a dedicated storage account.
News URL
https://www.techrepublic.com/article/microsoft-internal-data-leak-azure/
Related news
- Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation (source)
- Azure, Microsoft 365 MFA outage locks out users across regions (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Hackers leak configs and VPN credentials for 15,000 FortiGate devices (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Hacker leaks account data of 12 million Zacks Investment users (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)