this post was submitted on 18 Sep 2023
487 points (99.2% liked)

Sysadmin

7542 readers
1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
487
Microsoft leaks 38TB of private data via unsecured Azure storage (www.bleepingcomputer.com)
submitted 1 year ago by [email protected] to c/[email protected]
51 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 99 points 1 year ago (2 children)

The exposed data included backups of personal information belonging to Microsoft employees, including passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages originating from 359 Microsoft employees.

In an advisory on Monday by the Microsoft Security Response Center (MSRC) team, Microsoft said that no customer data was exposed, and no other internal services faced jeopardy due to this incident.

[–] [email protected] 53 points 1 year ago (2 children)

Wait, they stored passwords in plain text?

[–] [email protected] 35 points 1 year ago

Possibly or as a weak hash

[–] [email protected] 29 points 1 year ago* (last edited 1 year ago) (1 children)

Always have done so.

🧑‍🚀🔫

[–] [email protected] 12 points 1 year ago

This is like the evolution of the “loss” meme. Gave me a chuckle.

[–] [email protected] 20 points 1 year ago (2 children)

Microsoft said that no customer data was exposed

Sure, we'll just take your word for it, buddies. Cheers. /laughs in Linux

[–] [email protected] 14 points 1 year ago (1 children)

You can use Linux and still have a Microsoft account.

[–] [email protected] 0 points 1 year ago

Can, but shouldn't. I have a work related Teams account, and one where I tried to rent a Windows VM for a consulting job. That's it though - no private data to get leaked. The work conversations would suck though, but I'll happily remind my boss et al why using Teams is a shitty idea in the first place.

[–] [email protected] 12 points 1 year ago (1 children)

Microsoft owns GitHub. The blast radius for this could be severe.

[–] [email protected] -2 points 1 year ago

Yeah, but the naivety of people believing in secure clouds needs to die. So if this helps, I'm all for it.