Bad news - Microsoft employees leaked 38TB worth of private data, including Teams chats

Cybersecurity researchers from Wiz have discovered a huge, unlocked Microsoft Azure cloud storage database, hosting sensitive information on hundreds of people, including private keys and passwords.

The database, as it turned out, belonged to Microsoft’s researchers working on Artificial Intelligence (AI). The good news is that the database was locked before any hackers could get to it. 

As Wiz’s researchers explained, they were investigating accidental cloud-hosted data exposure when they found a Microsoft GitHub repository with open-source code for AI models, to be used for image recognition. The models were hosted on an Azure Storage URL, but due to obvious human error, the storage also held data that no one should have access to. 

Massive Microsoft breach

The exposed data totals 38 terabytes and includes backups of two Microsoft employees’ computers, passwords to Microsoft services, and more than 30,000 Teams chat messages exchanged by Microsoft employees. The storage account wasn’t accessible directly, the researchers explained. Instead, Microsoft’s AI team generated a shared access signature (SAS) token that granted too many permissions. With SAS tokens, TechCrunch explains, Azure users can generate shareable links for Azure Storage account data.
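One way to check a shared link for the kind of over-broad grant described above (an added example, not code from Wiz, Microsoft or TechCrunch): it parses the documented SAS query fields `sp`, `ss`, `srt`, `sr` and `se` and flags anything beyond read/list, account-wide scope, or a long lifetime. The lifetime check goes beyond what the article describes; the sample URLs, the `audit_sas` name and the 7-day limit are assumptions made for illustration.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit, parse_qs

READ_ONLY = {"r", "l"}  # read and list; every other "sp" letter grants more

def _expiry(value):
    """Parse the SAS 'se' field (ISO 8601, UTC) into an aware datetime."""
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def audit_sas(url, now, max_days=7):
    """Return a list of findings for one SAS URL; an empty list means none."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    if "sig" not in q:
        return ["no sig parameter: not a SAS URL"]
    findings = []
    # Any permission letter other than read/list lets the holder change data.
    extra = "".join(sorted(set(q.get("sp", "")) - READ_ONLY))
    if extra:
        findings.append(f"permissions beyond read/list: {extra}")
    # ss/srt appear only on account SAS, which spans the storage account.
    if "ss" in q or "srt" in q:
        findings.append(
            f"account SAS: services={q.get('ss')} resource types={q.get('srt')}")
    elif q.get("sr") == "c":
        findings.append("service SAS covers a whole container, not one blob")
    if "se" in q:
        days = (_expiry(q["se"]) - now).days
        if days > max_days:
            findings.append(f"expires in {days} days (limit {max_days})")
    return findings

# Constructed sample links; account name and signature are placeholders.
BROAD = ("https://exampleacct.blob.core.windows.net/models"
         "?sv=2021-08-06&ss=b&srt=sco&sp=rwdlac"
         "&se=2040-01-01T00:00:00Z&sig=CONSTRUCTED")
NARROW = ("https://exampleacct.blob.core.windows.net/models/model.ckpt"
          "?sv=2021-08-06&sr=b&sp=r&se=2024-01-03T00:00:00Z&sig=CONSTRUCTED")
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)  # assumed audit time

if __name__ == "__main__":
    for name, url in (("BROAD", BROAD), ("NARROW", NARROW)):
        print(name, audit_sas(url, NOW) or "no findings")
```
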

Wiz notified Microsoft of its findings on June 22, and the SAS token was revoked two days later. It took the company almost three weeks to run a thorough investigation, after which it concluded that the data hadn’t been accessed by any unauthorized third parties, TechCrunch said.

To make sure these things don’t happen again, Microsoft expanded GitHub’s secret scanning service, which tracks all public open-source code changes for credentials and other secrets exposed in plaintext.

Unfortunately, unsecured databases are a common occurrence. Earlier this year, a relatively popular Android voice chat app, OyeTalk, did the same thing. It was using Google’s Firebase mobile application development platform, which also offers cloud-hosted databases. According to researchers from Cybernews, OyeTalk’s Firebase instance was not password-protected, meaning its contents were available for all to see.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
