Involving 30,000 pieces of internal information and 38TB of data! Microsoft AI team exposed to data leak

Wiz cloud security company discovered that more than 30,000 communication messages and a large number of files within Microsoft were leaked. Microsoft immediately deleted the leaked data after receiving the alert

A team at cloud security company Wiz discovered that Microsoft Corp.'s artificial intelligence research team accidentally exposed a large amount of data on the software development platform GitHub. Wiz stated that these data were accidentally leaked when the AI ​​team released open source training data on GitHub.

The

Wiz blog post stated that Microsoft let users download the artificial intelligence model from a link, however, the link was misconfigured to grant permissions to the entire storage account, and also granted the user full control permissions instead of read-only permissions , which means they can delete and overwrite existing files. Wiz said the exposed data includes Microsoft employees’ personal computer backups, including passwords and keys for Microsoft services and more than 30,000 internal Microsoft Teams messages from 359 Microsoft employees. It is said that data totals 38TB.

Wiz’s research team discovered the data cache while scanning the internet for misconfigured storage containers. This is part of their ongoing work to prevent accidental exposure of cloud-hosted data

Open data sharing is a key component of AI training, but sharing large amounts of data can put companies at greater risk if not shared properly, researchers at

Wiz say. Ami Luttwak, Wiz chief technology officer and co-founder, said Wiz notified Microsoft in June, and Microsoft acted quickly to delete the exposed data. He added that the incident "could have been much worse".

Asked for comment, a Microsoft spokesperson said: "We have confirmed that no customer data was compromised and no other internal services were at risk."

In a blog post published on Monday, Microsoft said the data exposed in the storage account included backups of two former employees' workstation configuration files, as well as internal Microsoft Teams messages between the two employees and their colleagues.

The above is the detailed content of Involving 30,000 pieces of internal information and 38TB of data! Microsoft AI team exposed to data leak. For more information, please follow other related articles on the PHP Chinese website!