Microsoft 38TB AI Data Leak details

In July 2020, Microsoft (MS) launched its dedicated Artificial Intelligence (AI) research division, initially envisioned to harness vast datasets for its search engine. The venture seemed promising, but a recent revelation by security researchers from WIZ serves as a stark reminder that even tech giants can stumble when it comes to safeguarding user data.

The journey began when a Microsoft employee shared a URL link on GitHub. This seemingly innocuous action led the American Cloud Security startup’s security researchers to an astonishing discovery: a Misconfigured Azure Blob storage repository. Within this repository, they unearthed terabytes of sensitive data belonging to prominent platforms like MS Teams, Docker, Slack, along with archives containing confidential information from approximately 355 employees.

Microsoft was quick to confirm that no user data had been compromised in this incident, yet the episode serves as a wake-up call for the software giant to bolster its data protection measures.

It’s noteworthy that an insider from within Microsoft might be the source of this leak, either as an unwitting insider threat or perhaps motivated by personal grievances.

A source on Telegram, known for sharing such information with the media, suggested that the employee shared Account SAS tokens with Wiz researchers. The practicality of tracing their usage remains uncertain.

Microsoft subsequently released a public statement clarifying that the exposed data pertained to backups of two former employee workstations and messages involving two employees and their colleagues. The company continues to investigate this sensitive data leak and has reassured the public that, as of now, the information accessed by third parties has not been misused.

It’s crucial to note that this incident is unrelated to the newly identified Peach Sandstorm threat actor, also known as HOLMIUM. HOLMIUM is an Iranian state-funded group known for its password spraying campaigns targeting companies in the Space, Defense, and Pharma sectors worldwide.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display