时间:2025-04-03 17:14:52 来源:网络整理编辑:焦點
AI researchers at Microsoft have made a huge mistake.According to a new reportfrom cloud security co
AI researchers at Microsoft have made a huge mistake.
According to a new reportfrom cloud security company Wiz, the Microsoft AI research team accidentally leaked 38TB of the company's private data.
38 terabytes. That's a lotof data.
The exposed data included full backups of two employees' computers. These backups contained sensitive personal data, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from more than 350 Microsoft employees.
Tweet may have been deleted
So, how did this happen? The report explains that Microsoft's AI team uploaded a bucket of training data containing open-source code and AI models for image recognition. Users who came across the Github repository were provided with a link from Azure, Microsoft's cloud storage service, in order to download the models.
One problem: The link that was provided by Microsoft's AI team gave visitors complete access to the entire Azure storage account. And not only could visitors view everything in the account, they could upload, overwrite, or delete files as well.
Wiz says that this occurred as a result of an Azure feature called Shared Access Signature (SAS) tokens, which is "a signed URL that grants access to Azure Storage data." The SAS token could have been set up with limitations to what file or files could be accessed. However, this particular link was configured with full access.
Adding to the potential issues, according to Wiz, is that it appears that this data has been exposed since 2020.
Wiz contacted Microsoft earlier this year, on June 22, to warn them about their discovery. Two days later, Microsoft invalidated the SAS token, closing up the issue. Microsoft carried out and completed an investigation into the potential impacts in August.
Microsoft provided TechCrunch with a statement, claiming “no customer data was exposed, and no other internal services were put at risk because of this issue.”
TopicsCybersecurityMicrosoft
This app is giving streaming TV news a second try2025-04-03 16:47
徐亮:沒想到李鐵會被帶走 很多人已經睡不著覺了2025-04-03 16:28
徐亮 :沒想到李鐵會被帶走 很多人已經睡不著覺了2025-04-03 16:27
曝許家印6.5億山頂豪宅被接管 還有兩幢已被抵押2025-04-03 16:24
Xiaomi accused of copying again, this time by Jawbone2025-04-03 16:02
巴索戈:申花球員都在祝賀我 盼中國球迷在世界杯上支持我2025-04-03 15:58
中超最佳陣容:林良銘傳射冠絕全場 BIG3僅1人入選2025-04-03 15:52
再戰滄州雄獅廣州隊麵臨嚴峻考驗 共克時艱力爭每一分2025-04-03 15:34
New Zealand designer's photo series celebrates the elegance of aging2025-04-03 15:19
馬寧:有責任吹好世界杯的比賽 平時看比賽了解球員2025-04-03 15:15
The five guys who climbed Australia's highest mountain, in swimwear2025-04-03 17:08
點球判罰存爭議又要拷問主裁良心?魯能繼續爭冠節奏2025-04-03 17:03
中超餘下各輪賽事安排仍存變數 主辦方力保12月31日落幕2025-04-03 16:19
中超積分榜 :三鎮繼續領跑泰山第二 河北隊墊底2025-04-03 16:02
Uber's $100M settlement over drivers as contractors may not be enough2025-04-03 15:26
足協官方:因未能解決欠薪 中超中甲3隊各扣除3分積分2025-04-03 15:13
中超積分榜 :山東隊3分領跑施壓三鎮 廣州城仍未逃出降級區2025-04-03 15:04
中超積分榜:山東泰山登頂 河北隊17連敗墊底2025-04-03 14:51
Hiddleswift finally followed each other on Instagram after 3 excruciating days2025-04-03 14:47
中超積分榜:山東隊3分領跑施壓三鎮 廣州城仍未逃出降級區2025-04-03 14:32