Microsoft Exposes 38TB of Sensitive Employee Data on Misconfigured Azure Server

Microsoft AI researchers exposed terabytes of sensitive data on GitHub, including passwords and keys.
The data was exposed via an Azure storage URL that was misconfigured to allow full control.
The exposure included 38TB of data, like backups of employee PCs and Microsoft Teams messages.
Cloud security firm Wiz discovered the issue and notified Microsoft, which revoked access after 2 days.
Microsoft says no customer data was exposed and no other services put at risk.

techcrunch.com

Relevant topic timeline:

9/18/2023

Microsoft Leaks 38TB of Employee Data Through Misconfigured Cloud Storage

Microsoft AI research division accidentally leaked terabytes of sensitive data through a misconfigured Azure Blob storage bucket, exposing personal information and internal messages, highlighting the security risks of Shared Access Signature tokens and the need for better monitoring and governance.

10/2/2023

Study Shows Removing Sensitive Data from AI Models Like ChatGPT Remains a Challenge

AI researchers from the University of North Carolina reveal the difficulty in removing sensitive data from large language models, highlighting that the information remains even after deletion attempts, posing challenges for data privacy.

10/7/2023

23andMe User Data Stolen and Offered for Sale After Hackers Access Accounts Through Recycled Passwords

Genomics company 23andMe confirmed that user data was stolen through a recycled password attack, with a leaked sample containing 1 million data points being offered for purchase, although the legitimacy of the data is still being investigated.