this post was submitted on 18 Sep 2023
484 points (99.2% liked)

Sysadmin

7467 readers
2 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
484
Microsoft leaks 38TB of private data via unsecured Azure storage (www.bleepingcomputer.com)
submitted 11 months ago by [email protected] to c/[email protected]
52 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 99 points 11 months ago (2 children)

The exposed data included backups of personal information belonging to Microsoft employees, including passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages originating from 359 Microsoft employees.

In an advisory on Monday by the Microsoft Security Response Center (MSRC) team, Microsoft said that no customer data was exposed, and no other internal services faced jeopardy due to this incident.

[–] [email protected] 53 points 11 months ago (2 children)

Wait, they stored passwords in plain text?

[–] [email protected] 35 points 11 months ago

Possibly or as a weak hash

[–] [email protected] 29 points 11 months ago* (last edited 11 months ago) (1 children)

Always have done so.

🧑‍🚀🔫

[–] [email protected] 12 points 11 months ago

This is like the evolution of the “loss” meme. Gave me a chuckle.

[–] [email protected] 20 points 11 months ago (2 children)

Microsoft said that no customer data was exposed

Sure, we'll just take your word for it, buddies. Cheers. /laughs in Linux

[–] [email protected] 14 points 11 months ago (1 children)

You can use Linux and still have a Microsoft account.

[–] [email protected] 0 points 11 months ago

Can, but shouldn't. I have a work related Teams account, and one where I tried to rent a Windows VM for a consulting job. That's it though - no private data to get leaked. The work conversations would suck though, but I'll happily remind my boss et al why using Teams is a shitty idea in the first place.

[–] [email protected] 12 points 11 months ago (1 children)

Microsoft owns GitHub. The blast radius for this could be severe.

[–] [email protected] -2 points 11 months ago

Yeah, but the naivety of people believing in secure clouds needs to die. So if this helps, I'm all for it.