search
HomeTechnology peripheralsAIMicrosoft AI researchers accidentally leaked 38TB of internal data, including private keys and password information

There is no need to change the original meaning, the content that needs to be rewritten is: Source: IT Home

Wiz Research announced today that a data leak was discovered in Microsoft AI's GitHub repository, which was caused by a misconfigured SAS (IT Home Note: Shared Access Signature) token

微软 AI 研究人员无意中泄露 38TB 内部数据,包括私钥和密码信息

In terms of details, Microsoft's artificial intelligence research team released open source training data on GitHub, but accidentally exposed 38TB of other internal data, including disk backups of the personal computers of several Microsoft employees. These backups contained confidential information, private keys, passwords, and thousands of internal Microsoft team messages, involving more than 30,000 employees

微软 AI 研究人员无意中泄露 38TB 内部数据,包括私钥和密码信息

微软 AI 研究人员无意中泄露 38TB 内部数据,包括私钥和密码信息

This GitHub repository provides open source code and AI models for image recognition, visitors need to download the model from the Azure storage URL. However, Wiz discovered that the URL's permissions were misconfigured, causing permissions to be granted to the entire storage account, thereby incorrectly exposing other private data

According to reports, the URLs involved are said to have exposed the data since 2020. Furthermore, the URL was incorrectly configured to allow "Full Control" instead of "Read-Only" permissions. This means that anyone who knows how to view this URL could potentially remove, replace, and inject malicious content

Wiz said it reported the issue to Microsoft on June 22, and two days later on June 24, Microsoft announced it was revoking the SAS tokens. Microsoft said it completed its investigation into potential organizational impact on August 16.

The following is the specific timeline of the entire incident:

On July 20, 2020, the SAS token was submitted to GitHub for the first time; the expiration date is October 5, 2021

October 6, 2021 - SAS token expiration date updated to October 6, 2051

June 22, 2023 - The Wiz research team discovered the issue and reported it to Microsoft

June 24, 2023 - Microsoft Announces SAS Token Expiration

On July 7, 2023, the SAS token was replaced on GitHub

August 16, 2023 - Microsoft completes internal investigation into potential impact

September 18, 2023 - Wiz Research publicly discloses this

The above is the detailed content of Microsoft AI researchers accidentally leaked 38TB of internal data, including private keys and password information. For more information, please follow other related articles on the PHP Chinese website!

Statement
This article is reproduced at:搜狐. If there is any infringement, please contact admin@php.cn delete
What is Model Context Protocol (MCP)?What is Model Context Protocol (MCP)?Mar 03, 2025 pm 07:09 PM

The Model Context Protocol (MCP): A Universal Connector for AI and Data We're all familiar with AI's role in daily coding. Replit, GitHub Copilot, Black Box AI, and Cursor IDE are just a few examples of how AI streamlines our workflows. But imagine

Building a Local Vision Agent using OmniParser V2 and OmniToolBuilding a Local Vision Agent using OmniParser V2 and OmniToolMar 03, 2025 pm 07:08 PM

Microsoft's OmniParser V2 and OmniTool: Revolutionizing GUI Automation with AI Imagine AI that not only understands but also interacts with your Windows 11 interface like a seasoned professional. Microsoft's OmniParser V2 and OmniTool make this a re

I Tried Vibe Coding with Cursor AI and It's Amazing!I Tried Vibe Coding with Cursor AI and It's Amazing!Mar 20, 2025 pm 03:34 PM

Vibe coding is reshaping the world of software development by letting us create applications using natural language instead of endless lines of code. Inspired by visionaries like Andrej Karpathy, this innovative approach lets dev

Runway Act-One Guide: I Filmed Myself to Test ItRunway Act-One Guide: I Filmed Myself to Test ItMar 03, 2025 am 09:42 AM

This blog post shares my experience testing Runway ML's new Act-One animation tool, covering both its web interface and Python API. While promising, my results were less impressive than expected. Want to explore Generative AI? Learn to use LLMs in P

Replit Agent: A Guide With Practical ExamplesReplit Agent: A Guide With Practical ExamplesMar 04, 2025 am 10:52 AM

Revolutionizing App Development: A Deep Dive into Replit Agent Tired of wrestling with complex development environments and obscure configuration files? Replit Agent aims to simplify the process of transforming ideas into functional apps. This AI-p

Top 5 GenAI Launches of February 2025: GPT-4.5, Grok-3 & More!Top 5 GenAI Launches of February 2025: GPT-4.5, Grok-3 & More!Mar 22, 2025 am 10:58 AM

February 2025 has been yet another game-changing month for generative AI, bringing us some of the most anticipated model upgrades and groundbreaking new features. From xAI’s Grok 3 and Anthropic’s Claude 3.7 Sonnet, to OpenAI’s G

How to Use YOLO v12 for Object Detection?How to Use YOLO v12 for Object Detection?Mar 22, 2025 am 11:07 AM

YOLO (You Only Look Once) has been a leading real-time object detection framework, with each iteration improving upon the previous versions. The latest version YOLO v12 introduces advancements that significantly enhance accuracy

Elon Musk & Sam Altman Clash over $500 Billion Stargate ProjectElon Musk & Sam Altman Clash over $500 Billion Stargate ProjectMar 08, 2025 am 11:15 AM

The $500 billion Stargate AI project, backed by tech giants like OpenAI, SoftBank, Oracle, and Nvidia, and supported by the U.S. government, aims to solidify American AI leadership. This ambitious undertaking promises a future shaped by AI advanceme

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)