scorecardresearch
Business Today
Subscribe
PMS Today US News India UPSTART Weather BT Shorts NRI Education Election
BT Golf BT Mindrush BT Best Banks
Clear all
Search

COMPANIES

No Data Found

NEWS

No Data Found
Sign in Subscribe
events
Special
  • BT tech today
  • BT 500 wealth creators summit
  • Economic Indicators
News
TECHNOLOGY
News
Microsoft data breach: Employees’ credentials like passwords leaked on internet

Feedback

Microsoft data breach: Employees’ credentials like passwords leaked on internet

Security researchers discovered an open and public storage server hosted on Microsoft’s Azure cloud service that was storing internal information relating to Microsoft’s Bing search engine

Join Our WhatsApp Channel
Microsoft Microsoft

Microsoft has allegedly faced a data breach that has exposed employees’ credentials and internal company files to the internet. This was revealed by security researchers Can Yoleri, Murat Özfidan and Egemen Koçhisarlı with SOCRadar, a cybersecurity company that helps organizations find security weaknesses. They discovered an open and public storage server hosted on Microsoft’s Azure cloud service that was storing internal information relating to Microsoft’s Bing search engine without being highlighted.

Notably, TechCrunch has reported that this breach is now resolved.

The data available online included housed code, scripts and configuration files containing passwords, keys and credentials used by the Microsoft employees for accessing other internal databases and systems. The alarming part is this server was not password protected and hence could be acessed by anyone on the internet.

As per the report, the exposed data could have helped malicious actors get access to other internal Microsoft files. As per a statement by Yoleri, identifying storage locations of internal files “could result in more significant data leaks and possibly compromise the services in use”.

It was revealed that the researchers had already reported the issue to Microsoft in February. However, the company took almost a month to resolve it. It still remains unclear if any unauthorised party got access to the data, or how long was the data exposed for before the company decided to secure it.

Microsoft has not issued any official statement regarding the security lapse as of now.

Earlier this week, India-based wearable company, Boat, also allegedly faced a massive data breach where personal information of over 7.5 million customers was exposed on dark web. Reportedly, this data included names, addresses, phone numbers, email addresses, and customer IDs. This kind of data leak can lead to financial fraud, phishing attempts, and identity theft. The company openly acknowledged they are investigating the reported breach and assured its customers that safeguarding their data remains its utmost priority.

Also Read: 

Travel tech checklist for long weekends: Power banks, navigation tools, anti-theft apps and more

Dell Alienware M16 R2 gaming laptop launched in India: Check price, specs, features

For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine

Published on: Apr 10, 2024, 3:19 PM IST
IN THIS STORY
Follow Us on Channel
×

Top Stories TOP STORIES

TOP VIDEOS

market today

Advertisement