Microsoft’s AI Team Accidentally Leaks Terabytes of Company Data

  • 📰 futurism
  • ⏱ Reading Time:
  • 47 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 22%
  • Publisher: 68%

Business News News

Business Business Latest News,Business Business Headlines

Microsoft AI researchers accidentally leaked 38 terabytes of confidential company data — all because of one misconfigured permission token.

According to Wiz, the mistake was made when Microsoft AI researchers were attempting to publish a "bucket of open-source training material" and "AI models for image recognition" to the developer platform.

The researchers miswrote the files' accompanying SAS token, or the storage URL that establishes file permissions. Basically, instead of granting GitHub users access to the downloadable AI material specifically, the butchered token allowed general access to the entire storage account. And we're not just talking read-only permissions. The mistake actually granted "full control" access, meaning that anyone who might have wanted to tinker with the many terabytes of data — including that of the AI training material and AI models included in the pile — would have been able to.

An "attacker could have injected malicious code into all the AI models in this storage account," Wiz's researchers write, "and every user who trusts Microsoft’s GitHub repository would've been infected by it.", meaning that this sensitive material has basically been open-season for several years.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 85. in BUSİNESS

Business Business Latest News, Business Business Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Microsoft accidentally leaked 38TB of data, but the company says no customer data was exposed.Cloud security researchers at Wiz found the leak and reported it to Microsoft. Here’s what was leaked, according to Microsoft (with its emphasis):
Source: verge - 🏆 94. / 67 Read more »