Microsoft AI Researchers Accidentally Exposed Tens of Terabytes of Sensitive Data

Clorox supplies to run short following cyberattack, Programmer behind 8Base shame site ID'ed, 65 Oz gov't depts. were victims of law firm breach, Australia to build six cyber "shields," much more

Photo by rc.xyz NFT gallery on Unsplash

Cloud security startup Wiz said it discovered Microsoft AI researchers accidentally exposed tens of terabytes of sensitive data, including private keys and passwords, after finding a GitHub repository belonging to Microsoft’s AI research division as part of its ongoing work into the accidental exposure of cloud-hosted data.

Readers of the GitHub repository, which provided open-source code and AI models for image recognition, were instructed to download the models from an Azure Storage URL. However, Wiz found that this URL was configured to grant permissions on the entire storage account, exposing additional private data by mistake.

This data included 38 terabytes of sensitive information, including the personal backups of two Microsoft employees’ personal computers. The data also contained other sensitive …