The company revealed that it was informed of the isolated incident by researchers at SOCRadar, though both companies remain in disagreement over how many users were impacted and best practices that cybersecurity researchers should take when they encounter a breach or leak in the future. Instead of finding these breaches out by landing on a page by accident or not, is quite concerning. Policies related to double checking configuration changes, or having them confirmed by another person, are not a bad idea when the outcome could lead to the exposure of sensitive data. The popular password manager LastPass faced a major attack last year that compromised sensitive data of its users, including passwords. Eduard Kovacs March 23, 2022 Microsoft and Okta have both confirmed suffering data breaches after a cybercrime group announced targeting them, but the companies claim impact is limited. (RTTNews) - Personal data of 38 million users was accidentally leaked due to a fault in Microsoft's (MSFT) Power Apps. Overall, hundreds of users were impacted. The threat of ransomware attacks, data breaches or major IT outages worries companies even more than business and supply chain disruption, natural disasters or the COVID-19 pandemic, all of. Bako Diagnostics' services cover more than 250 million individuals. The SOCRadar researchers also note that the leaking data on the Azure Blob Storage instance totaled 2.4 terabytes and included proof-of-execution and statement-of-work documents, including some that may reveal intellectual property. "No data was downloaded. The intrusion was only detected in September 2021 and included the exposure and potential theft of . January 17, 2022.
Microsoft followed suit and named a Chinese state-sponsored hacker group, Hafnium, as the culprit behind the attack. The misconfiguration in this case happened on the part of the third-party companies, and was not directly caused by Microsoft. Whether the first six months of 2022 have felt interminable or fleeting, or both, massive hacks, data breaches, digital scams, and ransomware attacks continued apace throughout the first half of . Having been made aware of the breach on September 24, 2022, Microsoft released a statement saying it had secured the compromised endpoint, which is now only accessible with required authentication, and that an investigation found no indication customer accounts or systems were compromised. Look for data classification technology solutions that allow auto-labeling, auto-classification, and enforcement of classification across an organization. SOCRadar executives stated that the company does not keep any of the data it comes across and has since deleted any data that its tool may have accessed. The total damage from the attack also isn't known. SOCRadar has also made available a free tool that companies can use to find out if their data was exposed in one of the BlueBleed buckets. The only way to ensure that your sensitive data is stored properly is with a thorough data discovery process. A representative for LinkedIn reported to Business Insider that this data was scraped from publicly available data on the platform. The tech giant announced in June 2021 that it found malware designed to steal information on a customer support agent's computer, potentially allowing the hackers to access basic account information on a limited number of customers. Microsoft did publish Power Apps documentation describing how certain data could end up publicly accessible. These buckets, which the firm has dubbed BlueBleed, included a misconfigured Azure Blob Storage instance allegedly containing information on more than 65,000 entities in 111 countries.
Microsoft customers find themselves in the middle of a data breach situation. The unintentional misconfiguration was on an endpoint that was not in use across the Microsoft ecosystem and was not the result of a security vulnerability. It all began in August 2022, when LastPass revealed that a threat actor had stolen the app's source code. If hackers gained access to that Skype password, they could effectively bypass the two-factor authentication, giving them access. by April 19, 2022. After digging deeper, the specialist noticed more unexpected activities, including requests relating to specific emails and for confidential files. You don't want to store data longer than necessary because that increases the amount of data that could be exposed in a breach. Let's look at four of the biggest challenges of sensitive data and strategies for protecting it. In this case, Microsoft was wholly responsible for the data leak. This incident came to light in January 2021 when a security specialist noticed some anomalous activity on a Microsoft Exchange Server operated by a customer, namely that an odd presence on the server was downloading emails. Microsoft added today that it believes SOCRadar "greatly exaggerated the scope of this issue" and "the numbers. 3:18 PM PST February 27, 2023. The company said the leak included proof-of-execution (PoE) and statement of work (SoW) documents, user information, product orders and offers, project details, and personal information. "Our investigation did not find indicators of compromise of the exposed storage location." In a lengthy blog post, Microsoft's security team described Lapsus$ as a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.
They go on to describe the group's tactics in great detail, indicating that Microsoft had been studying Lapsus$ carefully before the incident occurred. Instead, we recommend an approach that integrates data protection into your existing processes to protect sensitive data. This trend will likely continue in 2022 as attackers continue to seek out vulnerabilities in our most critical systems. "Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users," Microsoft pointed out. If you have been impacted from this potential data breach, you will receive details and instructions from Microsoft. Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak. January 18, 2022. The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks. Security breaches are very costly. The tech giant said it quickly addressed the issue and notified impacted customers. "More importantly, we are disappointed that SOCRadar has chosen to release publicly a 'search tool' that is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk," Microsoft added in its response. A configuration issue allowed customers to download Offline Address Books which contained business contact information for employees of other users inadvertently.
Per SOCRadar's analysis, these files contain customer emails, SOW documents, product offers, POC (Proof of Concept) works, partner ecosystem details, invoices, project details, customer product price list, POE documents, product orders, signed customer documents, internal comments for customers, sales strategies, and customer asset documents. With information from the database, attackers could create tools to break into systems by exploring the vulnerabilities, potentially allowing them to target hundreds of millions of computers. August 25, 2021 11:53 am EDT. In one of the broadest security incidents involving Microsoft, four zero-day vulnerabilities led to widespread hacking attempts targeting Microsoft Exchange Servers. And you don't want to delete data too quickly and put your organization at risk of regulatory violations. Humans are the weakest link. In February 2022, News Corp admitted server breaches way back to February 2020. The database wasn't properly password-protected for approximately one month (December 5, 2019, through December 31, 2019), making the details accessible to anyone with a web browser who managed to connect to the database. Since dozens of organizations including American Airlines, Ford Motor Co., and the New York Metropolitan Transportation Authority were involved, the nature of the exposed data varied. Many feel that a simple warning in technical documentation isn't sufficient, potentially putting part of the blame on Microsoft. Security Trends for 2022. A threat group calling itself Lapsus$ announced recently that it had gained access to the source code of Microsoft products such as Bing and Cortana. Ultimately, the responsibility of preventing accidental data exposure falls on the Chief Information Security Officer (CISO) and Chief Data Officer.
This presentation will provide an overview of the security risks associated with SaaS, best practices for mitigating these risks and protecting data, and discuss the importance of regularly reviewing and updating SaaS security practices to ensure ongoing protection of data. "On this query page, companies can see whether their data is published anonymously in any open buckets." The exposed information allegedly included over 335,000 emails, 133,000 projects, and 548,000 users. Microsoft uses the following classifications: Identifying data at scale is a major challenge, as is enforcing a process so employees manually mark documents as sensitive. The hackers then pushed out malicious updates to approximately 18,000 SolarWinds customers utilizing a supply chain attack approach, giving them access to the customers' systems, networks, and data. Microsoft also disputed some key details of SOCRadar's findings: "After reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue." "The leaked data does not belong to us, so we keep no data at all," Seker told Bleeping Computer, noting that his company was disappointed with Microsoft's accusations. February 21, 2023. The screenshot was taken within Azure DevOps, a collaboration software created by Microsoft, and indicated that Bing, Cortana, and other projects had been compromised in the breach. While many data breaches and leaks have plagued the internet in the past, this one is exceptional in the sheer size of it. Trainable classifiers identify sensitive data using data examples. The Allianz Risk Barometer is an annual report that identifies the top risks for companies over the next 12 months. I'd assume MS is telling no more than they are legally required to and even at that possibly framing the information as best as possible to downplay it all.
The cost of a data breach in 2022 was $4.35M - a 12.7% increase compared to 2020, when the cost was $3.86M. Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. They are accountable for protecting information and sharing data via processes and workflows that enable protection, while also not hindering workplace productivity. Microsoft acknowledged the data leak in a blog post. But there weren't any other safeguards in place, such as a warning notification inside the software announcing that a system change would make the data public. Microsoft is another large enterprise that suffered two major breaches in 2022. Duncan Riley. A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.