Suara Malaysia
ADVERTISEMENTFly London from Kuala LumpurFly London from Kuala Lumpur
Friday, November 22, 2024
More
    ADVERTISEMENTFly London from Kuala LumpurFly London from Kuala Lumpur
    HomeTechMicrosoft AI researchers accidentally exposed big cache of data

    Microsoft AI researchers accidentally exposed big cache of data

    -

    Fly AirAsia from Kuala Lumpur

    Microsoft Corp’s AI research team inadvertently exposed a significant amount of private data on the software development platform GitHub, as per the new research conducted by a cybersecurity firm. Cloud security company Wiz uncovered the revelation of cloud-hosted data on the AI training platform through a misconfigured link. Wiz stated that Microsoft’s research team leaked the data while publishing open-source training data on GitHub.

    Users of the repository were encouraged to download AI models from a cloud storage URL. However, the link was misconfigured, granting permissions on the entire storage account, including full control permissions. This meant that users could delete and overwrite existing files, as noted in a blog post by Wiz.

    The exposed data included personal computer backups of Microsoft employees, which contained passwords to various Microsoft services, secret keys, and over 30,000 internal Microsoft Teams messages from 359 Microsoft employees, according to Wiz’s findings.

    While open data sharing is integral to AI training, the improper sharing of large amounts of data exposes companies to greater risks, as highlighted by Wiz’s researchers. In June, Wiz shared the data with Microsoft, who promptly took action to remove the exposed data. Ami Luttwak, Wiz’s CTO and co-founder, stated that the incident “could have been worse.”

    A Microsoft spokesperson, when asked for comment, stated, “We have confirmed that no customer data was exposed, and no other internal services were put at risk.”

    In a blog post released on Monday, Microsoft acknowledged the incident and stated that they had investigated and resolved the matter. The incident involved a Microsoft employee who shared a URL to open-source AI learning models in a public GitHub repository. Microsoft further explained that the exposed data in the storage account consisted of backups of two former employees’ workstation profiles and internal Microsoft Teams messages exchanged between these two employees and their colleagues.

    ALSO READ:  Linus Tech Tips pauses YouTube video production amid criticism over review process and toxic workplace allegations

    Wiz’s research team discovered the data cache while scanning the internet for misconfigured storage containers as part of their ongoing efforts to identify accidental exposure of cloud-hosted data.

    – Bloomberg



    Credit: The Star : Tech Feed

    Suara
    Suarahttps://www.suara.my
    Tech enthusiast turning dreams into reality, one byte at a time 🚀

    Related articles

    ADVERTISEMENTFly London from Kuala Lumpur

    Subscribe to Newsletter

    To be updated with all the latest news, offers and special announcements.

    Latest posts