While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular. The misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provision of Microsoft services. Since sensitive data is everywhere, we recommend looking for a multicloud, multi-platform solution that enables you to leverage automation. Earlier this year, Microsoft, along with other technology firms, made headlines for a series of unrelated breaches as a result of cyber hacking from the Lapsus$ group. The data discovery process can surprise organizations, sometimes in unpleasant ways. The cost of a data breach in 2022 was $4.35M - a 12.7% increase compared to 2020, when the cost was $3.86M. Of the files that were collected, SOCRadar's analysis revealed that these included proof of concept works, internal comments and sales strategies, customer asset documents, product orders, offers, and more. The total damage from the attack also isn't known. "We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error." (RTTNews) - Personal data of 38 million users was accidentally leaked due to a fault in Microsoft's (MSFT) Power Apps. The threat of ransomware attacks, data breaches or major IT outages worries companies even more than business and supply chain disruption, natural disasters or the COVID-19 pandemic, all of.
The most recent Microsoft breach occurred in October 2022, when data on over 548,000 users was found on a misconfigured server. In February 2022, News Corp admitted server breaches way back to February 2020. In a second, subsequent attack, the hacker combined this data with information found in a separate data breach, then exploited a weakness in a remote-access app used by LastPass employees. In March 2022, the group posted a torrent file online containing partial source code from . Search can be done via metadata (company name, domain name, and email). Microsoft uses the following classifications: Identifying data at scale is a major challenge, as is enforcing a process so employees manually mark documents as sensitive. Microsoft data breach exposes customers' contact info, emails. According to one source, the hacker gained access to the Slack account of an HR employee, as well as data such as email addresses, phone numbers, and salaries of Activision employees. Since dozens of organizations including American Airlines, Ford Motor Co., and the New York Metropolitan Transportation Authority were involved, the nature of the exposed data varied. "Due to persistent pressure from Microsoft, we even have to take down our query page today," he added. Computing giant Microsoft is no stranger to cyberattacks, and on March 20th 2022 the firm was targeted by a hacking collective called Lapsus$. Additionally, they breached certain developer systems, including those operated by Zombie Studios, a company behind the Apache helicopter simulator used by the U.S. military. In a speech given at Carnegie Mellon University, Cybersecurity and Infrastructure Security Agency Director Jen Easterly pointed to Apple as a company that took security and accountability seriously, and suggested other companies should take note.
They were researching the system and discovered various vulnerabilities relating to Cosmos DB, the Azure database service. Even though this was caused not by a vulnerability but by an improperly configured instance, it still shows the cloud's vulnerability. Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft's verified publisher status. In April 2021, personal data on over 500 million LinkedIn users was posted for sale on a hacker forum. The company revealed that it was informed of the isolated incident by researchers at SOCRadar, though both companies remain in disagreement over how many users were impacted and best practices that cybersecurity researchers should take when they encounter a breach or leak in the future. In 2021, the effects of ransomware and data breaches were felt by all of us. Kron noted that although cloud services can be very convenient, and if secured properly, also very secure, when a misconfiguration occurs, the information can be exposed to many more potential people than on traditional internal on-premise systems. Microsoft has confirmed it was hacked by the same group that recently targeted Nvidia and Samsung. In October 2017, word broke that an internal database Microsoft used to track bugs within Microsoft products and software was compromised back in 2013. The intrusion was only detected in September 2021 and included the exposure and potential theft of . The company learned about the misconfiguration on September 24 and secured the endpoint. If you have been impacted from this potential data breach, you will receive details and instructions from Microsoft. Every level of an organization, from IT operations and red and blue teams to the board of directors, could be affected by a data breach.
Along with some personally identifiable information, including some customer email addresses, geographical data, and IP addresses, support conversations and records were also exposed in the incident. Furthermore, Redmond said that SOCRadar's decision to collect the data and make it searchable using a dedicated search portal "is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk." The only way to ensure that your sensitive data is stored properly is with a thorough data discovery process. The screenshot posted to their Telegram channel showed that Bing, Cortana, and other projects had been compromised in the attack. [3] Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected, Cezary Podkul, ProPublica. However, the organizations are ultimately the ones that applied the settings, making them responsible for the leaks, as well. While Microsoft worked quickly to patch the vulnerabilities, securing the systems relied heavily on the server owners. Microsoft followed suit and named a Chinese state-sponsored hacker group, Hafnium, as the culprit behind the attack. Of an estimated 294 million people hacked in 2021, about 164 million were at risk because of data exposure events, when sensitive data is left vulnerable online.[3] This will make it easier to manage sensitive data in ways to protect it from theft or loss. How do organizations identify sensitive data at scale and prevent accidental exposure of that data?
SOCRadar claims that it shared with Microsoft its findings, which detailed that a misconfigured Azure Blob Storage was compromised and might have exposed approximately 2.4TB of privileged data, including names, phone numbers, email addresses, company names, and attached files containing proprietary company information, such as proof of concept documents, sales data, product orders, among other information. Another was because of insufficient detail to consumers in a privacy policy about data processing practices. The snapshot was of Azure DevOps, which is a collaboration software launched by Microsoft - it shared that Cortana, Bing, and other projects were compromised in the breach. It isn't known whether the information was accessed by cybercriminals before the issues were addressed. "No data was downloaded." Microsoft is disappointed that this tool has been publicly released, saying that it's not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk. The threat intel company added that, from its analysis, the leaked data "includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information) data, and documents that may reveal intellectual property." It's Friday, October 21st, 2022. SOCRadar expressed "disappointment" over accusations fired by Microsoft. A threat group calling itself Lapsus$ announced recently that it had gained access to the source code of Microsoft products such as Bing and Cortana. "We have directly notified the affected customers." March 3, 2022: Laboratory Bako Diagnostics (BakoDX) confirmed that the company experienced a data breach resulting in the personal and healthcare information of certain consumers being compromised. Bako Diagnostics' services cover more than 250 million individuals.
SOCRadar has also made available a free tool that companies can use to find out if their data was exposed in one of the BlueBleed buckets. The data protection authorities have issued a total of $1.25 billion in fines over breaches of the GDPR since January 28, 2021.[5] October 2022: 548,000+ Users Exposed in BlueBleed Data Leak. A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network. Dubbed BlueBleed Part 1, the Microsoft data leak exposed at least 2.4 terabytes of sensitive data belonging to 65,000 entities in 111 countries. Some of the original attacks were traced back to Hafnium, which originates in China. Microsoft, one of the world's largest technology companies, suffered a serious security breach in March 2022. The details, which included names, gamer tags, birthdays, and emails, were accidentally published online and not accessed via a hack. The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. The exposed data includes, for example, emails from US .gov, talking about O365 projects, money etc - I found this not via SOCRadar, it's cached. Once the hackers could access customer networks, they could use customer systems to launch new attacks.
Cyberattacks Against Health Plans, Business Associates Increase; Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected; Allianz Risk Barometer 2022: Cyber perils outrank Covid-19 and broken supply chains as top global business risk; Fines for breaches of EU privacy law spike sevenfold to $1.2 billion, as Big Tech bears the brunt. Sensitive data can live in unexpected places within your organization. Microsoft (MSFT) has confirmed it was breached by the hacker group Lapsus$, adding to the cyber gang's growing list of victims. The database contained records collected dating back as far as 2005 and as recently as December 2019. November 16, 2022.
With information from the database, attackers could create tools to break into systems by exploring the vulnerabilities, potentially allowing them to target hundreds of millions of computers. However, it isn't clear whether the information was ultimately used for such purposes. Apple has long held a reputation for rock-solid security, and now the U.S. government seemingly agrees after praising the company for its security procedures. However, News Corp uncovered evidence that emails were stolen from its journalists. The proposed Securities and Exchange Commission rule creates new reporting obligations for United States publicly traded companies to disclose cybersecurity incidents, risk management, policies, and governance. The tech giant said it quickly addressed the issue and notified impacted customers. Humans are the weakest link. It should be noted that Tor can be used to access illegal content on the dark web, and Digital Trends does not condone or encourage this behavior. Microsoft has published the article "Investigation Regarding Misconfigured Microsoft Storage Location" regarding this incident. This misconfiguration resulted in the possibility of "unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers". Like many underground phenomena on the internet, it is poorly understood and shrouded in the sort of technological mysticism that people often ascribe to things like hacking or Bitcoin. In total, SOCRadar claims it was able to link this sensitive information to more than 65,000 entities from 111 countries stored in files dated from 2017 to August 2022.
Microsoft disputed SOCRadar's claims and fired back at the researchers, stating that their estimations are over-exaggerated. Redmond added that the leak was caused by the "unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem" and not due to a security vulnerability. He was imprisoned from April 2014 until July 2015. Some solution providers divorce productivity and compliance and try to merely bolt-on data protection. If there's a cyberattack, hack, or data breach you should know about, then we're on it. These buckets, which the firm has dubbed BlueBleed, included a misconfigured Azure Blob Storage instance allegedly containing information on more than 65,000 entities in 111 countries. Threat intelligence firm SOCRadar revealed on Wednesday that it has identified many misconfigured cloud storage systems, including six large buckets that stored information associated with 150,000 companies across 123 countries. The research firm insists that it has not overstepped any privacy protocols in its work and none of the information it uncovered was saved on its end. Microsoft admits a storage misconfiguration, data tracker leads to a data breach at a second US hospital chain, and more. "Our investigation found no indication customer accounts or systems were compromised." Mainly, this is because the resulting hacks weren't all administered by a single group for one purpose. Scans for data will pick up those surprise storage locations. If the proper updates weren't applied, the issues remained in place, allowing attackers to take advantage of the flaw long-term. Microsoft said that it does not believe that any data was improperly accessed prior to correcting the security flaw. Additionally, it wasn't immediately clear who was responsible for the various attacks. SOCRadar executives stated that the company does not keep any of the data it comes across and has since deleted any data that its tool may have accessed.