Microsoft Data Leak Exposes 38TB in Major Breach

Executive Summary

In June 2023, Microsoft AI researchers inadvertently exposed 38TB of sensitive internal data during the publication of open-source training materials on GitHub. This significant data breach occurred due to a misconfigured Azure Shared Access Signature (SAS) token that allowed unrestricted public access to an entire storage account instead of just the intended datasets. The exposed data included private keys, passwords, internal Teams messages, and backups of two employee workstations. The incident highlights critical vulnerabilities in cloud storage configurations and emphasizes the importance of stringent cybersecurity practices to prevent unauthorized access to sensitive information.

 Read the full breach analysis from NHI Mgmt Group here

Key Details

Breach Timeline

• June 2023: Microsoft researchers published training materials on GitHub, leading to the exposure of sensitive data.
• Immediate response initiated upon discovery of the misconfigured SAS token access.

Data Compromised

• 38TB of internal data, including private keys and passwords, were made publicly accessible.
• Internal communications and backups of two employee workstations were also compromised.

Impact Assessment

• Potential for significant data misuse, leading to security vulnerabilities within Microsoft’s infrastructure.
• Increased scrutiny from regulators and the cybersecurity community regarding cloud security practices.

Company Response

• Microsoft promptly investigated the breach and implemented measures to rectify the misconfiguration.
• Strengthening of internal protocols governing the use of SAS tokens in Azure.

Security Implications

• This breach underscores the critical need for proper configuration management in cloud environments.
• Highlights the risks associated with using permissive access controls in sensitive data handling.

 If you want to learn more about how to secure NHIs including AI Agents, check our NHI Foundational Training Course.