Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data Leak
Oct 21, 2022 Ravie Lakshmanan
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. A cybercriminal gang, Lapsus$, managed to breach some of the largest tech companies in the world - including Samsung, Ubisoft, and most recently, Microsoft Bing. Some records contained highly sensitive personal information, such as full names, birth dates, Social Security numbers, addresses, and demographic details. The messages were being sent through compromised accounts, including users that signed up for Microsoft's two-factor authentication. Among the targeted SolarWinds customers was Microsoft. "Our team was already investigating the. Microsoft also took issue with SOCRadar's use of the BlueBleed tool to crawl through servers to figure out what information, if any, may have been exposed as a result of security flaws or breaches. Like many underground phenomena on the internet, it is poorly understood and shrouded in the sort of technological mysticism that people often ascribe to things like hacking or Bitcoin. Patrick O'Connor, CISSP, CEH, MBCS takes a look at significant security incidents in 2022 so far: some new enemies, some new weaknesses but mostly the usual suspects. The proposed Securities and Exchange Commission rule creates new reporting obligations for United States publicly traded companies to disclose cybersecurity incidents, risk management, policies, and governance. The IT giant confirmed by stating that the hacker obtained "limited access" from one account, which Lapsus$ compromised. Even though this was caused not by a vulnerability but by an improperly configured instance it still shows the cloud's vulnerability.
Microsoft has confirmed that the hacker group Lapsus$ breached its security system, after the digital extortion gang claimed credit earlier this week. "Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users," Microsoft said. Last year was a particularly bad one for password manager LastPass, as a series of hacking incidents revealed some serious weaknesses in its supposedly rock-solid security. A major data breach is a reminder that cybercriminals who access exposed data, which sometimes can include PII, can use it for a variety of crimes, including identity theft. According to the newest breach statistics from the Identity Theft Research Center, the number of victims . It isn't known whether the information was accessed by cybercriminals before the issues were addressed. The yearly average data breach cost increased the most between the years 2020 and 2021 - a spike likely influenced by the COVID-19 pandemic. Common types of sensitive data include credit card numbers, personally identifiable information (PII) like a home address and date of birth, Social Security Numbers (SSNs), corporate intellectual property (IP) like product schematics, protected health information (PHI), and medical record information that could be used to identify an individual. To abide by the data minimization principle, once the data is no longer serving its purpose, it must be deleted. Microsoft, one of the world's largest technology companies, suffered a serious security breach in March 2022. Due to the security incident, the Costa Rican government established a new Cyber Security Council to better protect citizens' data in the future. For the 2022 report, Allianz gathered insights from 2,650 risk management experts from 89 countries and territories. "On this query page, companies can see whether their data is published anonymously in any open buckets.
LastPass, one of the world's most popular password managers, suffered a major data breach in 2022 that compromised users' personal data and put their online passwords and other . Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies. With information from the database, attackers could create tools to break into systems by exploring the vulnerabilities, potentially allowing them to target hundreds of millions of computers. In October 2017, word broke that an internal database Microsoft used to track bugs within Microsoft products and software was compromised back in 2013. Microsoft did not say how many potential customers were exposed by the misconfiguration, but in a separate post, SOCRadar, which describes the exposure as BlueBleed, puts the figure at more than 65,000. While Microsoft worked quickly to patch the vulnerabilities, securing the systems relied heavily on the server owners. SOCRadar described it as one of the most significant B2B leaks. "We've confirmed that the endpoint has been secured as of Saturday, September 24, 2022, and it is now only accessible with required authentication," Microsoft said. Microsoft Breach - March 2022. "Threat actors who may have accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels," SOCRadar warned. Overall, it's believed that less than 1,000 machines were impacted.
In August 2021, security professionals at Wiz announced that they were able to access customer databases and accounts housed on Microsoft Azure, a cloud-based computing platform, including records and data relating to many Fortune 500 companies. Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak. A couple of well-known brands, for instance, were fined hundreds of millions of euros in 2021. Michael X. Heiligenstein is the founder and editor-in-chief of the Firewall Times. According to one source, the hacker gained access to the Slack account of an HR employee, as well as data such as email addresses, phone numbers, and salaries of Activision employees. In July 2021, the Biden administration, along with the FBI, accused China of the data breach. Microsoft also disputed some key details of SOCRadar's findings: After reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue. They were researching the system and discovered various vulnerabilities relating to Cosmos DB, the Azure database service. The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. Microsoft servers have been subject to a breach that might have affected over 65,000 entities across 111 countries, according to the security research firm, SOCRadar. The company also stated that it has directly contacted customers that were affected by the breach. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error. Microsoft exposed some of its customers' names, email addresses, and email content, among other sensitive data.
Leveraging security products that enable auto-labeling of sensitive data across an enterprise is one method, among several that help overcome these data challenges. Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users, Microsoft pointed out. When considering plan protections, ask: Who can access the data? News Corp. News Corp., the publisher of the Wall Street Journal and a range of global media outlets, said in a securities filing that it was hit by a cyberattack in January 2022 and that some data . Since dozens of organizations including American Airlines, Ford Motor Co., and the New York Metropolitan Transportation Authority were involved, the nature of the exposed data varied. In total, SOCRadar claims it was able to link this sensitive information to more than 65,000 entities from 111 countries stored in files dated from 2017 to August 2022. According to a post today by the Microsoft Security Response Center, the breach related to a misconfigured Microsoft endpoint that was detected by security researchers at SOCRadar Cyber Intelligence Inc. on Sept. 24. SOCRadar has also made available a free tool that companies can use to find out if their data was exposed in one of the BlueBleed buckets. The cloud is nothing more than a tool, not the be all end all digital savior that it's marketed as and that many believe it to be. Never seen this site before. A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services. Was yours one of the billions of records stolen through breaches in recent years? If there's a cyberattack, hack, or data breach you should know about, then we're on it. A misconfigured Microsoft endpoint resulted in the potential for unauthenticated access to some business transaction data.
In January 2020, news broke of a misconfigured Microsoft internal customer support database that left records on 250 million customers exposed. In a year of global inflation and massive rises in energy costs, it should come as no surprise that the cost of a data breach has also reached . Chuong's passion for gadgets began with the humble PDA. The Microsoft Security Response Center blog reports that researchers reported a misconfigured Microsoft endpoint on September 24. The software giant, Microsoft, was hacked by the online criminal collective known as the Lapsus Hackers. Many feel that a simple warning in technical documentation isn't sufficient, potentially putting part of the blame on Microsoft. Though Microsoft would not reveal how many people were impacted, SOCRadar researchers claimed that 65,000 entities across 111 countries may have had their data compromised, which includes names, phone numbers, email addresses and content, company name, and attached files containing proprietary company information like proof of concept documents, sales data, product orders, and more.
Microsoft has criticised security firm SOCRadar for "exaggerating" the extent of the data leak and for making a search tool that allows organisations to see if their data was exposed. However, an external security research firm who reported the issue to Microsoft, confirmed that they had accessed the data as a part of their research and investigation into the issue." Instead of finding these breaches out by landing on a page by accident or not, is quite concerning. News Corp asserted that no customer data was stolen during the breach, and that the company's everyday work wasn't hindered. March 16, 2022. Data Breach Response: Microsoft determines appropriate priority and severity levels of a breach by investigating the functional impact, recoverability, and information impact of the incident. The biggest cyber attacks of 2022. Since sensitive data is everywhere, we recommend looking for a multicloud, multi-platform solution that enables you to leverage automation. Threat intelligence firm SOCRadar revealed on Wednesday that it has identified many misconfigured cloud storage systems, including six large buckets that stored information associated with 150,000 companies across 123 countries. To learn more about Microsoft Security solutions, visit our website. Humans are the weakest link. In November 2016, word of pervasive spam messages coming from Microsoft Skype accounts broke. Data governance ensures that your data is discoverable, accurate, trusted, and can be protected. The most recent Microsoft breach occurred in October 2022, when data on over 548,000 users was found on a misconfigured server. After all, people are busy, can overlook things, or make errors. In others, it was data relating to COVID-19 testing, tracing, and vaccinations.
The research firm insists that it has not overstepped any privacy protocols in its work and none of the information it uncovered was saved on its end. In July 2021, the Biden administration and some U.S. allies formally stated that they believed China was to blame. The database contained records collected dating back as far as 2005 and as recently as December 2019. If hackers gained access to that Skype password, they could effectively bypass the two-factor authentication, giving them access. Thu 20 Oct 2022 // 15:00 UTC. Additionally, the configuration issue involved was corrected within two hours of its discovery. In some cases, it was employee file information. In March, the hacker group Lapsus$ struck again, claiming to have breached Microsoft and shared screenshots taken within Azure DevOps, Microsoft's collaboration software. 2021. The victim was reportedly one of only four employees at the company that had access to a shared folder that provided the keys to customer vaults. A configuration issue allowed customers to download Offline Address Books which contained business contact information for employees of other users inadvertently. He graduated from the University of Virginia with a degree in English and History. Microsoft said that it does not believe that any data was improperly accessed prior to correcting the security flaw. Some of the original attacks were traced back to Hafnium, which originates in China. Microsoft hasn't shared any further details about how the account was compromised but provided an overview of the Lapsus$ group's tactics, techniques and procedures, which the company's Threat. One thing is clear, the threat isn't going away.
Earlier this year, Microsoft, along with other technology firms, made headlines for a series of unrelated breaches as a result of cyber hacking from the Lapsus$ group. How can the data be used? Microsoft (MSFT) has confirmed it was breached by the hacker group Lapsus$, adding to the cyber gang's growing list of victims. According to a Microsoft 365 Admin Center alert regarding this data breach published on October 4, 2022, Microsoft is "unable to provide the specific affected data from this issue." Microsoft admits a storage misconfiguration, data tracker leads to a data breach at a second US hospital chain, and more. UPDATED 19:31 EST / OCTOBER 19 2022 SECURITY Microsoft data breach in September may have exposed customer information by Duncan Riley Microsoft Corp. today revealed details of a server. Data leakage protection is a fast-emerging need in the industry. A sophisticated attack on Microsoft Corp.'s widely used business email software is morphing into a global cybersecurity crisis, as hackers race to infect as many victims as possible before . For instance, an employee may have stored a customer's SSN in an unprotected Microsoft 365 site or third-party cloud without your knowledge. While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular. The intrusion was only detected in September 2021 and included the exposure and potential theft of . Attackers gained access to the SolarWinds system, giving them the ability to use software build features. How do organizations identify sensitive data at scale and prevent accidental exposure of that data? The database wasn't properly password-protected for approximately one month (December 5, 2019, through December 31, 2019), making the details accessible to anyone with a web browser who managed to connect to the database.
Azure and Breach Notification under the GDPR further details how Microsoft investigates, manages, and responds to security incidents within Azure. Sensitive data can live in unexpected places within your organization. Through the vulnerabilities, the researchers were able to gain complete access to data, including a selection of databases and some customer account information relating to thousands of accounts. January 31, 2022. It's also important to know that many of these crimes can occur years after a breach. Microsoft released guidance on how to fully merge the Microsoft and Skype account data, giving users a solution. The SOCRadar researchers also note that the leaking data on the Azure Blob Storage instance totaled 2.4 terabytes and included proof-of-execution and statement-of-work documents, including some that may reveal intellectual property. However, it's close to impossible to handle manually. But there weren't any other safeguards in place, such as a warning notification inside the software announcing that a system change would make the data public. April 19, 2022. In recent years under the leadership of CEO Satya Nadella, Microsoft made data security and privacy practices central pillars of its operations, so it is refreshing to see the company take swift action to correct the security flaw.
That allowed them to install a keylogger onto the computer of a senior engineer at the company. They also said they had secured the endpoint and notified the accounts that had been compromised, and elaborated that they found no evidence customer accounts had actually been compromised, only exposed. In April 2019, Microsoft announced that hackers had acquired a customer support agent's credentials, giving them access to some webmail accounts including @outlook.com, @msn.com, and @hotmail.com accounts between January 1, 2019, and March 28, 2019. That leads right into data classification. While Microsoft refrained from providing any additional details regarding this data leak, SOCRadar revealed in a blog post published today that the data was stored on misconfigured Azure Blob Storage. Policies related to double checking configuration changes, or having them confirmed by another person, is not a bad idea when the outcome could lead to the exposure of sensitive data.
After digging deeper, the specialist noticed more unexpected activities, including requests relating to specific emails and for confidential files. SOCRadar described it as "one of the most significant B2B leaks". In 2020, Equifax was made to pay further settlements relating to the breach: $7.75 million (plus $2 million in legal fees) to financial institutions in the US plus $18.2 million and $19.5 million . While the exact number isn't clear, the issue potentially impacted over 30,000 U.S. companies, and as many as 60,000 companies worldwide. The Most Recent Data Breaches And Security Breaches 2021 To 2022 Jason Wise Published on: July 26, 2022 Last Updated: January 16, 2023 Fact Checked by Marley Swindells In this blog, we will be discussing the most recent data breaches and security breaches and other relevant information. So, tell me Mr. & Mrs. Microsoft, would there be any chance at all that you may in fact communicate with your customer base. The Allianz Risk Barometer is an annual report that identifies the top risks for companies over the next 12 months. March 3, 2022: Laboratory Bako Diagnostics (BakoDX) confirmed that the company experienced a data breach resulting in the personal and healthcare information of certain consumers being compromised. The conventional tools we rely on to defend corporate networks are creating gaps in network visibility and in our capabilities to secure them. No data was downloaded.
The issue arose due to misconfigured Microsoft Power Apps portals settings. The exposed data includes, for example, emails from US .gov, talking about O365 projects, money etc - I found this not via SOCRadar, it's cached. As the specialist looked for more details regarding what was happening, more hacking activity was uncovered. While many data breaches and leaks have plagued the internet in the past, this one is exceptional in the sheer size of it. October 2022: 548,000+ Users Exposed in BlueBleed Data Leak. Every level of an organization, from IT operations and red and blue teams to the board of directors, could be affected by a data breach. The exposed information allegedly included over 335,000 emails, 133,000 projects, and 548,000 users. Almost 2,000 data breaches reported for the first half of 2022. by Lance Whitney in Security. When an unharmed machine attempted to apply a Microsoft update, the request was intercepted before reaching the Microsoft update server. Microsoft Digital Defense Report 2022 Illuminating the threat landscape and empowering a digital defense. The security firm noted that while Microsoft might have taken swift action on fixing the misconfigured server, its research was able to connect the 65,000 entities uncovered to a file data composed between 2017 and 2022, according to Bleeping Computer. This information could be valuable to potential attackers who may be looking for vulnerabilities within one of these organizations' networks. Apple has long held a reputation for rock-solid security, and now the U.S. government seemingly agrees after praising the company for its security procedures. According to the security firm the leak, dubbed "BlueBleed I", covers data from 65,000 "entities" in 111 countries, from between 2017 and August 2022.
Learn four must-haves for multicloud data protection, including how an integrated solution provides greater scalability and protection across your multicloud and hybrid environment. Almost 70,000 patients had their personal data compromised in a recent breach of Kaiser Permanente. Microsoft has not been pleased with SOCRadar's handling of this breach, having stated that encouraging entities to use its search tool is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk. Also, organizations can have thousands of sensitive documents, making manual identification and classification of data untenable because the process would be too slow and inaccurate. Microsoft uses the following classifications: Identifying data at scale is a major challenge, as is enforcing a process so employees manually mark documents as sensitive. Due to persistent pressure from Microsoft, we even have to take down our query page today, he added. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter.