Technology peripheralsAIMicrosoft AI researchers accidentally leaked 38TB of internal data, including private keys and password information
There is no need to change the original meaning, the content that needs to be rewritten is: Source: IT Home
Wiz Research announced today that a data leak was discovered in Microsoft AI's GitHub repository, which was caused by a misconfigured SAS (IT Home Note: Shared Access Signature) token
In terms of details, Microsoft's artificial intelligence research team released open source training data on GitHub, but accidentally exposed 38TB of other internal data, including disk backups of the personal computers of several Microsoft employees. These backups contained confidential information, private keys, passwords, and thousands of internal Microsoft team messages, involving more than 30,000 employees
This GitHub repository provides open source code and AI models for image recognition, visitors need to download the model from the Azure storage URL. However, Wiz discovered that the URL's permissions were misconfigured, causing permissions to be granted to the entire storage account, thereby incorrectly exposing other private data
According to reports, the URLs involved are said to have exposed the data since 2020. Furthermore, the URL was incorrectly configured to allow "Full Control" instead of "Read-Only" permissions. This means that anyone who knows how to view this URL could potentially remove, replace, and inject malicious content
Wiz said it reported the issue to Microsoft on June 22, and two days later on June 24, Microsoft announced it was revoking the SAS tokens. Microsoft said it completed its investigation into potential organizational impact on August 16.
The following is the specific timeline of the entire incident:
On July 20, 2020, the SAS token was submitted to GitHub for the first time; the expiration date is October 5, 2021
October 6, 2021 - SAS token expiration date updated to October 6, 2051
June 22, 2023 - The Wiz research team discovered the issue and reported it to Microsoft
June 24, 2023 - Microsoft Announces SAS Token Expiration
On July 7, 2023, the SAS token was replaced on GitHub
August 16, 2023 - Microsoft completes internal investigation into potential impact
September 18, 2023 - Wiz Research publicly discloses this
The above is the detailed content of Microsoft AI researchers accidentally leaked 38TB of internal data, including private keys and password information. For more information, please follow other related articles on the PHP Chinese website!
Tesla's Robovan Was The Hidden Gem In 2024's Robotaxi TeaserApr 22, 2025 am 11:48 AMSince 2008, I've championed the shared-ride van—initially dubbed the "robotjitney," later the "vansit"—as the future of urban transportation. I foresee these vehicles as the 21st century's next-generation transit solution, surpas
Sam's Club Bets On AI To Eliminate Receipt Checks And Enhance RetailApr 22, 2025 am 11:29 AMRevolutionizing the Checkout Experience Sam's Club's innovative "Just Go" system builds on its existing AI-powered "Scan & Go" technology, allowing members to scan purchases via the Sam's Club app during their shopping trip.
Nvidia's AI Omniverse Expands At GTC 2025Apr 22, 2025 am 11:28 AMNvidia's Enhanced Predictability and New Product Lineup at GTC 2025 Nvidia, a key player in AI infrastructure, is focusing on increased predictability for its clients. This involves consistent product delivery, meeting performance expectations, and
Exploring the Capabilities of Google's Gemma 2 ModelsApr 22, 2025 am 11:26 AMGoogle's Gemma 2: A Powerful, Efficient Language Model Google's Gemma family of language models, celebrated for efficiency and performance, has expanded with the arrival of Gemma 2. This latest release comprises two models: a 27-billion parameter ver
The Next Wave of GenAI: Perspectives with Dr. Kirk Borne - Analytics VidhyaApr 22, 2025 am 11:21 AMThis Leading with Data episode features Dr. Kirk Borne, a leading data scientist, astrophysicist, and TEDx speaker. A renowned expert in big data, AI, and machine learning, Dr. Borne offers invaluable insights into the current state and future traje
AI For Runners And Athletes: We're Making Excellent ProgressApr 22, 2025 am 11:12 AMThere were some very insightful perspectives in this speech—background information about engineering that showed us why artificial intelligence is so good at supporting people’s physical exercise. I will outline a core idea from each contributor’s perspective to demonstrate three design aspects that are an important part of our exploration of the application of artificial intelligence in sports. Edge devices and raw personal data This idea about artificial intelligence actually contains two components—one related to where we place large language models and the other is related to the differences between our human language and the language that our vital signs “express” when measured in real time. Alexander Amini knows a lot about running and tennis, but he still
Jamie Engstrom On Technology, Talent And Transformation At CaterpillarApr 22, 2025 am 11:10 AMCaterpillar's Chief Information Officer and Senior Vice President of IT, Jamie Engstrom, leads a global team of over 2,200 IT professionals across 28 countries. With 26 years at Caterpillar, including four and a half years in her current role, Engst
New Google Photos Update Makes Any Photo Pop With Ultra HDR QualityApr 22, 2025 am 11:09 AMGoogle Photos' New Ultra HDR Tool: A Quick Guide Enhance your photos with Google Photos' new Ultra HDR tool, transforming standard images into vibrant, high-dynamic-range masterpieces. Ideal for social media, this tool boosts the impact of any photo,
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Zend Studio 13.0.1
Powerful PHP integrated development environment
Notepad++7.3.1
Easy-to-use and free code editor
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
