时间:2025-04-26 17:40:21 来源:网络整理编辑:焦點
AI researchers at Microsoft have made a huge mistake.According to a new reportfrom cloud security co
AI researchers at Microsoft have made a huge mistake.
According to a new reportfrom cloud security company Wiz, the Microsoft AI research team accidentally leaked 38TB of the company's private data.
38 terabytes. That's a lotof data.
The exposed data included full backups of two employees' computers. These backups contained sensitive personal data, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from more than 350 Microsoft employees.
Tweet may have been deleted
So, how did this happen? The report explains that Microsoft's AI team uploaded a bucket of training data containing open-source code and AI models for image recognition. Users who came across the Github repository were provided with a link from Azure, Microsoft's cloud storage service, in order to download the models.
One problem: The link that was provided by Microsoft's AI team gave visitors complete access to the entire Azure storage account. And not only could visitors view everything in the account, they could upload, overwrite, or delete files as well.
Wiz says that this occurred as a result of an Azure feature called Shared Access Signature (SAS) tokens, which is "a signed URL that grants access to Azure Storage data." The SAS token could have been set up with limitations to what file or files could be accessed. However, this particular link was configured with full access.
Adding to the potential issues, according to Wiz, is that it appears that this data has been exposed since 2020.
Wiz contacted Microsoft earlier this year, on June 22, to warn them about their discovery. Two days later, Microsoft invalidated the SAS token, closing up the issue. Microsoft carried out and completed an investigation into the potential impacts in August.
Microsoft provided TechCrunch with a statement, claiming “no customer data was exposed, and no other internal services were put at risk because of this issue.”
TopicsCybersecurityMicrosoft
The Weeknd teases new music in Instagram post2025-04-26 17:17
官方:熱刺VS伯恩利因大雪被取消 比賽將延期進行2025-04-26 16:52
法媒:內馬爾預計因傷休戰六周 2021年提前報銷2025-04-26 16:05
內馬爾腳踝嚴重變形90度扭曲 名記曝受傷較為嚴重2025-04-26 15:58
Photos show the Blue Cut fire blazing a path of destruction in California2025-04-26 15:39
曝李鐵用國腳資格幫經紀公司置換利益 執教國足仍幹預武漢隊工作2025-04-26 15:21
穆伊回歸中場三核終於同台 熱身賽海港32025-04-26 15:15
金球獎官推列獲獎三大條件 這不是梅西還能是誰?2025-04-26 15:09
Nate Parker is finally thinking about the woman who accused him of rape2025-04-26 15:06
宛如過山車!米蘭鐵衛破門+直紅 慘遭犯罪式過人2025-04-26 15:01
Whyd voice2025-04-26 17:36
球賽宣揚女權記者卻遭襲臀 意大利美女遭遇極尷尬2025-04-26 17:34
金球獎官推列獲獎三大條件 這不是梅西還能是誰 ?2025-04-26 17:29
前國足翻譯 :足協脫鉤動作愈發靈活 應該承擔把李鐵選上來的責任2025-04-26 16:40
17 questions you can answer if you're a good communicator2025-04-26 16:36
爭冠又亂了 !藍軍戰平紅魔 曼城紅軍坐收漁翁之利2025-04-26 16:34
切爾西VS曼聯首發:拉什福德桑喬出戰 C羅盧卡庫替補2025-04-26 16:16
巴黎VS聖埃蒂安首發:NMM領銜 拉莫斯完成首秀2025-04-26 16:02
Despite IOC ban, Rio crowds get their political messages across2025-04-26 15:58
球賽宣揚女權記者卻遭襲臀 意大利美女遭遇極尷尬2025-04-26 15:00