Breaking News
Quotes
All Instrument Types
  • All Instrument Types
  • Indices
  • Equities
  • ETFs
  • Funds
  • Commodities
  • Currencies
  • Crypto
  • Bonds
  • Certificates

Please try another search

Search website for: 
Popular News
More
Popular Analysis
More
More
/Free Sign Up
 Investing Pro 0
💎 Access the Market Tools Trusted by Thousands of Investors Get Started

Microsoft exposes 38TB of sensitive data during AI research

Stock Markets
Published Sep 19, 2023 14:00 Updated Sep 19, 2023 14:30
Saved. See Saved Items.
This article has already been saved in your Saved Items
 
© Reuters. Microsoft exposes 38TB of sensitive data during AI research
 
MSFT
+0.67%
Add to/Remove from a Portfolio
Add to Watchlist
Add Position

Position added successfully to:

Please name your holdings portfolio
 
 
Create New Watchlist Create
Create a new holdings portfolio Add Create
+ Add another position Close

A grave oversight by Microsoft (NASDAQ:MSFT)'s AI research division resulted in the leak of 38 terabytes (TB) of sensitive data, discovered nearly three years after the initial incident.

The leak was traced back to a misconfigured Azure Blob storage bucket, according to cloud security firm Wiz.

In July 2020, Microsoft inadvertently shared the URL for the Azure storage bucket while contributing open-source artificial intelligence (AI) learning models to a public GitHub repository.

The exposed data included Microsoft employee information, secret keys and an archive of internal messages.

Hard to monitor and avoid

"AI unlocks huge potential for tech companies. However, as data scientists and engineers race to bring new AI solutions to production, the massive amounts of data they handle require additional security checks and safeguards," Wiz CTO & co-founder Ami Luttwak told BleepingComputer.

"This emerging technology requires large sets of data to train on.

"With many development teams needing to manipulate massive amounts of data, share it with their peers or collaborate on public open-source projects, cases like Microsoft's are increasingly hard to monitor and avoid."

Security risk

Wiz researchers revealed the lapse on June 22, 2023, prompting Microsoft to block external access by revoking the shared access signature (SAS) token on June 24.

The overly permissive SAS token granted full control over the shared files.

Wiz highlighted that while SAS tokens could offer secure, delegated access when used correctly, their management within the Azure portal was challenging.

In addition to a lack of monitoring and governance, SAS tokens pose a security risk and their usage should be as limited as possible.

Read more on Proactive Investors AU

Disclaimer

Microsoft exposes 38TB of sensitive data during AI research
 
Add a Comment

Related Articles

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind: 

  • Enrich the conversation
  • Stay focused and on track. Only post material that’s relevant to the topic being discussed.
  • Be respectful. Even negative opinions can be framed positively and diplomatically.
  •  Use standard writing style. Include punctuation and upper and lower cases.
  • NOTE: Spam and/or promotional messages and links within a comment will be removed
  • Avoid profanity, slander or personal attacks directed at an author or another user.
  • Don’t Monopolize the Conversation. We appreciate passion and conviction, but we also believe strongly in giving everyone a chance to air their thoughts. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at Investing.com’s discretion.

I Agree
Write your thoughts here
 
Are you sure you want to delete this chart?
Delete Cancel
 
Post
Post also to:
 
Replace the attached chart with a new chart ?
Replace Cancel
1000
Comment Guidelines
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
 
Are you sure you want to delete this chart?
Delete Cancel
 
Post
 
Replace the attached chart with a new chart ?
Replace Cancel
1000
Comment Guidelines
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Cancel Attach
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's Investing.com's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Confirm Block Cancel
Ok
Report this comment

I feel that this comment is:

Submit
Comment flagged

Thank You!

Your report has been sent to our moderators for review
Close
Continue with Google
or
Sign up with Email