this post was submitted on 18 Sep 2023
624 points (98.9% liked)

Technology

58303 readers
11 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 126 points 1 year ago (4 children)

It seems this isn't about customer data:

The exposed data included full backups of two employees' computers. These backups contained sensitive personal data, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from more than 350 Microsoft employees.

[–] [email protected] 38 points 1 year ago

Some of that data could be from (or for) customer use, like the service passwords.

[–] [email protected] 31 points 1 year ago (1 children)

Who TF is keeping secret keys on their dev machine, that shit is toxic. Not to mention passwords

[–] [email protected] 58 points 1 year ago

They probably mean like private ssh keys and developer credentials, not production keys. Microsoft does not give signing keys to developers, code releases have to get signed through the build servers.

[–] [email protected] 28 points 1 year ago* (last edited 1 year ago)

What's the other 37.9TB?

[–] [email protected] 18 points 1 year ago (2 children)

The lax security is still worrying when they have so much data in general

[–] [email protected] 10 points 1 year ago

The cloud is just somebody else's computer. You give up some control and get some convenience. I'm paranoid about their cloud services and cloud services in general.

[–] [email protected] 2 points 1 year ago

On a local pc no less. They don't use password repos at Microsoft?