Sign In

Communications of the ACM

ACM TechNews

Microsoft AI Researchers Accidentally Exposed Big Cache of Data

View as: Print Mobile App Share:
A Microsoft building.

A Microsoft spokesperson said, “We have confirmed that no customer data was exposed, and no other internal services were put at risk.”

Credit: David Paul Morris/Bloomberg

Scientists at cloud security company Wiz discovered Microsoft artificial intelligence (AI) researchers accidentally compromised a large collection of private data while publishing open source training data on the software platform GitHub.

The Wiz researchers blogged that GitHub users were urged to download AI models from a misconfigured cloud storage URL that granted permissions on the entire storage account, including full control permissions rather than read only.

Wiz said Microsoft employees' personal computer backups, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from 359 workers, was among the exposed data.

Wiz's Ami Luttwak said Microsoft acted quickly to remove the data after Wiz shared its findings with the company in June.

From Bloomberg
View Full Article - May Require Paid Subscription


Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account