Technology

Microsoft’s AI researchers accidentally leaked 38,000 GB of data, including product keys, passwords, emails

Microsoft’s AI researchers accidentally leaked 38,000 GB of data, including product keys, passwords, emails

Sep 20, 2023 - 11:30
 0  21
Microsoft’s AI researchers accidentally leaked 38,000 GB of data, including product keys, passwords, emails

Researchers at Microsoft inadvertently exposed 38 terabytes of personal data. The incident occurred when the AI team was uploading training data to enable other researchers to train AI models for image recognition.

Inadvertently, this exposure included sensitive information such as “secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages,” as initially detected by the cloud security platform Wiz.

In Microsoft’s official report addressing the breach, they emphasized that no customer data was compromised, and no other internal services were put in jeopardy due to this incident. They also reassured that there was no specific action required from their customers.

The data link that led to the exposure was created using a feature in Azure known as “SAS tokens,” which allows users to generate shareable links. Wiz first identified the unauthorized access to the data on June 22 and promptly alerted Microsoft.

Microsoft took immediate action by revoking the token the following day. They claim to have resolved the issue and have adjusted SAS tokens to be less permissive than before.

Microsoft clarified that the exposed information was unique to two former Microsoft employees and their workstations. Again, they reiterated that customer data remained secure, and no other Microsoft services were compromised.

They emphasized the importance of handling SAS tokens appropriately and encouraged customers to follow their best practices to minimize the risk of unintended access or abuse.

Wiz warned that these types of errors might become more prevalent as AI is increasingly utilized and trained. They explained that this case serves as an example of the new challenges organizations face when harnessing the power of AI on a broader scale.

With engineers handling vast amounts of training data, additional security checks and safeguards are essential to protect sensitive information as data scientists and engineers work to deploy new AI solutions.

Original Post

Tags:

Previous Article

Women’s Reservation Bill: Why 33% quotas for women won’t be a reality until 2029

Next Article

Best phones under Rs 60,000 (Sept 2023): OnePlus 11 5G, Apple iPhone 13 to iQOO ...

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow

Related Posts

UPI gets a major makeover, now integrated with AI to support conversational payments

UPI gets a major makeover, now integrated with AI to su...

Aug 11, 2023  0  43

No AI for Space: US Space Force halts use of AI tools over data security concerns

No AI for Space: US Space Force halts use of AI tools o...

Oct 12, 2023  0  24

Following the US, Japan starts antimonopoly investigation into Google's search dominance

Following the US, Japan starts antimonopoly investigati...

Oct 23, 2023  0  26