Microsoft's Latest Security Breach: What's At Stake For Company Integrity And Trust?

Zinger Key Points
  • Microsoft addressed a security lapse exposing internal files and credentials.
  • Researchers found an unprotected server with crucial data.

Microsoft Corp. MSFT recently addressed a security lapse where internal company files and credentials were exposed to the internet.

What Happened: Security researchers from SOCRadar, including Can Yoleri, Murat Özfidan, and Egemen Koçhisarli, discovered an open Azure storage server hosting internal data related to Microsoft's Bing search engine.

The server, according to Techcrunch, contained crucial information (i.e., passwords, keys, and credentials), but lacked password protection, making it accessible to anyone online.

See Also: Microsoft’s Information Security Culture, Cloud Vulnerabilities To Blame For 2023 China-Linked Cyberattack, Says Federal Agency

“The exposed data could potentially help malicious actors identify or access other places where Microsoft stores its internal files,” Yoleri said. “Identifying those storage locations could result in more significant data leaks and possibly compromise the services in use.”

Microsoft was informed of the lapse on Feb. 6 and secured the exposed files by March 5. However, it’s unclear how long the server was vulnerable, or if others accessed the data.

Why It Matters: This incident adds to the ever-growing list of security challenges for Microsoft. Recall last year’s discovery of employees exposing corporate network logins on GitHub.

The Redmond, Washington-based company also faces scrutiny over a breach where China-backed hackers gained access to senior U.S. government officials’ Microsoft-hosted inboxes.

An independent board criticized Microsoft’s security failures in handling the breach.

In March, Microsoft disclosed ongoing efforts to counter a cyberattack by Russian state-backed hackers, which resulted in the theft of source code and internal emails. These incidents underscore the need for Microsoft to enhance its security measures to rebuild customer trust.

Read Next: Microsoft Detects Russian, Chinese AI Hackers: Is It Time To Add Cybersecurity To Your Portfolio?

Image credits: Budrul Chukrut via Shutterstock.

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: NewsTop StoriesTechcyber attackcyber securityCybersecurityhackersStories That Mattertech
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!