Microsoft's AI research team accidentally exposed 38 terabytes of sensitive data while publishing open source training data on GitHub. The exposed data included private keys, passwords, and backups of Microsoft employees' workstations.
Cloud security company Wiz found the GitHub repository, which belongs to Microsoft's AI research division, during its ongoing work to identify accidentally exposed cloud-hosted data.
The repository provides open source code and AI models for image recognition, and it instructs users to download the models from an Azure Storage account URL.
Wiz found that the URL had been configured to grant access to the entire storage account rather than only to the intended model files, inadvertently exposing additional private data.
The exposed data included sensitive personal information, passwords, Microsoft service keys, and more than 30,000 internal Teams messages from 359 Microsoft employees.
The link was also misconfigured to grant full control rather than read-only permissions, so an attacker could not only read the files but also delete them or replace the published AI models with malware-laced versions that anyone following the repository's instructions would then download.
Microsoft's AI developers had embedded a Shared Access Signature (SAS) token in the link. SAS tokens are an Azure mechanism for creating shareable URLs that grant access to data in a storage account; the token's query parameters encode the scope of the grant (a single blob, a container, or the whole account), the permissions granted, and the expiry time.
“Data scientists are working to bring new AI solutions into production, but the large amounts of data they process require additional security controls and protections,” Wiz said.
“It is becoming increasingly difficult to monitor and avoid situations like Microsoft's when many development teams need to process large amounts of data, share it with colleagues, or collaborate on public open source projects,” Wiz added.
Wiz said it shared its findings with Microsoft, which subsequently revoked the SAS token. The Microsoft Security Response Center said: “No customer data or other internal services were compromised as a result of this issue.”
“We have expanded GitHub's secret scanning service, which monitors all public open source code changes for plaintext exposure of credentials and other secrets, to include any SAS token that may have overly permissive expirations or privileges,” Microsoft said.
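The following is an added example, not code from Wiz, Microsoft, or the repository in question. It illustrates the two points made above: how the query parameters of a SAS URL reveal its scope, permissions, and expiry (the parameters a reviewer should read before publishing such a link), and what a simplified, local version of the kind of check Microsoft describes for its secret scanning (flagging tokens with overly permissive privileges or expirations) looks like. The two sample URLs are constructed for illustration: the storage account name is hypothetical, the signatures are placeholders, the reference date is arbitrary, and the 30-day expiry limit is a policy assumption, not an Azure default.

```python
"""Audit Azure Shared Access Signature (SAS) URLs for over-broad grants.

Added example, not Wiz's or Microsoft's code. Sample URLs below are constructed;
the account name is hypothetical and the signatures are placeholders.
"""
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Policy knob (assumption): flag any token valid for more than this many days.
MAX_EXPIRY_DAYS = 30

# Constructed reference time used by the demo so results are reproducible.
AUDIT_TIME = datetime(2023, 9, 18, tzinfo=timezone.utc)

# Constructed sample 1: account-level SAS (ss/srt present), full permissions,
# expiry decades away. This is the shape of grant that exposes a whole account.
PERMISSIVE_URL = (
    "https://contosoai.blob.core.windows.net/?sv=2020-08-04&ss=bfqt&srt=sco"
    "&sp=rwdlacupx&se=2051-10-06T00:00:00Z&spr=https&sig=PLACEHOLDER"
)
# Constructed sample 2: service SAS on one blob (sr=b), read-only, short expiry.
SCOPED_URL = (
    "https://contosoai.blob.core.windows.net/models/model.pt?sv=2020-08-04"
    "&sr=b&sp=r&se=2023-10-01T00:00:00Z&spr=https&sig=PLACEHOLDER"
)


def parse_sas(url: str) -> Dict[str, str]:
    """Return the SAS query parameters as a flat dict (first value wins)."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {k: v[0] for k, v in query.items()}


def parse_expiry(value: str) -> datetime:
    """Parse the 'se' value; Azure accepts YYYY-MM-DD or a full UTC timestamp."""
    if value.endswith("Z"):
        value = value[:-1] + "+00:00"
    dt = datetime.fromisoformat(value)
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)


def audit_sas(url: str, now: Optional[datetime] = None) -> List[str]:
    """Return findings for a SAS URL; an empty list means it looks narrowly scoped."""
    now = now or datetime.now(timezone.utc)
    p = parse_sas(url)
    findings: List[str] = []

    if "sig" not in p or "sv" not in p:
        return ["not a SAS URL (missing sig/sv parameters)"]

    # Account SAS carries ss (services) and srt (resource types) and is valid for
    # every container in the storage account, not just the one being shared.
    if "ss" in p or "srt" in p:
        findings.append(
            f"account-level SAS (ss={p.get('ss')}, srt={p.get('srt')}): "
            "grants access to the whole storage account"
        )
    elif p.get("sr") == "c":
        findings.append("container-level SAS: every blob in the container is reachable")

    # Anything beyond r (read) and l (list) lets the holder add, overwrite or delete.
    extra = set(p.get("sp", "")) - set("rl")
    if extra:
        findings.append(
            f"permissions sp={p['sp']} go beyond read/list: "
            "content can be replaced or deleted"
        )

    if "se" in p:
        remaining = parse_expiry(p["se"]) - now
        if remaining > timedelta(days=MAX_EXPIRY_DAYS):
            findings.append(
                f"expiry {p['se']} is {remaining.days} days away "
                f"(policy maximum {MAX_EXPIRY_DAYS})"
            )
    elif "si" not in p:
        findings.append("no expiry (se) and no stored access policy (si)")

    if p.get("spr", "https") != "https":
        findings.append(f"spr={p['spr']} allows the token over plaintext HTTP")

    return findings


def redact_sas(url: str) -> str:
    """Replace the signature so a suspect URL can be logged or ticketed safely."""
    parts = urlsplit(url)
    kept = [kv for kv in parts.query.split("&") if not kv.startswith("sig=")]
    return parts._replace(query="&".join(kept + ["sig=REDACTED"])).geturl()


if __name__ == "__main__":
    for label, url in (("permissive", PERMISSIVE_URL), ("scoped", SCOPED_URL)):
        print(label, redact_sas(url))
        for finding in audit_sas(url, AUDIT_TIME) or ["no findings"]:
            print("  -", finding)
```

Run stand-alone, the script reports three findings for the account-level link (whole-account scope, write-capable permissions, multi-decade expiry) and none for the single-blob, read-only link. The same checks can be run over URLs pulled from a repository's README or commit history before they are published; the `redact_sas` helper exists because a SAS URL pasted into a ticket or log is itself a live credential.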