Microsoft Patches Vulnerability Exposing Private Data from AI Research Division
Published: 2023-09-18Microsoft has recently patched a vulnerability that exposed a massive amount of private data from its AI research division. The vulnerability was discovered by white hat hackers who found a shareable link based on Azure Statistical Analysis System tokens. These hackers, known as Wiz, reported the issue to Microsoft, who promptly invalidated the token and replaced it on the GitHub page.
The vulnerability originated from a Shared Access Signature token for an internal storage account, which allowed the hackers to access the entire storage account. However, Microsoft has assured that no customer data was exposed. They have also advised caution against oversharing data to prevent similar incidents in the future.
In another news, the U.S. Department of Energy’s Water Power Technologies Office (WPTO) has announced plans to provide $14.5 million in funding for marine energy research at U.S. higher education institutions. This funding opportunity, expected to be released in fall 2023, aims to support foundational research in marine energy and floating offshore wind.
Marine energy refers to power generated from waves, tides, currents, and other ocean resources. It has the potential to contribute significantly to the country’s power generation. The funding will focus on areas such as data generation, exploring synergies with aquaculture, supporting undergraduate projects, and addressing industry needs.
In a cybersecurity incident, Microsoft’s AI research team accidentally exposed a large cache of private data on GitHub. This data leak occurred when the research team published open-source training data with a misconfigured link. The exposed data included personal computer backups of Microsoft employees, which contained passwords, secret keys, and internal Microsoft Teams messages.
Cybersecurity firm Wiz discovered the data leak and promptly shared the information with Microsoft, who quickly removed it. Microsoft has confirmed that no customer data was exposed, and no other internal services were at risk.
These incidents highlight the importance of data security and the need for organizations to be cautious when sharing sensitive information. It is crucial for companies to have robust security measures in place to protect their data and prevent unauthorized access.
Open data, which refers to the idea that certain data should be freely available to everyone to use and republish as they wish, plays a significant role in today’s digital age. It allows for transparency and accessibility, enabling individuals and organizations to make informed decisions based on facts and statistics.
However, incidents like these remind us of the responsibility that comes with open data. While it provides valuable information, it is essential to handle it with care and ensure that proper security measures are in place to protect sensitive data.
As we navigate the digital landscape, it is crucial for individuals and organizations to prioritize data security and privacy. By doing so, we can harness the power of open data while mitigating the risks associated with its misuse or exposure.
In conclusion, recent events have highlighted the importance of data security and the need for caution when sharing sensitive information. Open data has the potential to drive innovation and empower individuals and organizations with valuable insights. However, it is crucial to handle data responsibly and ensure that proper security measures are in place to protect sensitive information. By doing so, we can leverage the power of open data while safeguarding privacy and maintaining transparency.
https://www.techrepublic.com/article/microsoft-internal-data-leak-azure/Related news on 2023-09-18
- coastalnewstoday.com: Coastal News Today | united states - DOE Announces Upcoming $14 . 5 Million Funding Opportunity to Advance Marine Energy Research at U . S . Colleges and Universities
- bnnbloomberg.ca: Microsoft AI Researchers Accidentally Exposed Big Cache of Data
- techrepublic.com: White Hat Hackers Discover Microsoft Leak of 38TB of Internal Data Via Azure Storage