In January 2010, news broke of an Internet Explorer zero-day flaw that hackers exploited to breach several major U.S. companies, including Adobe and Google. Of the files that were collected, SOCRadar's analysis revealed that these included proof of concept works, internal comments and sales strategies, customer asset documents, product orders, offers, and more. This presentation will provide an overview of the security risks associated with SaaS, best practices for mitigating these risks and protecting data, and discuss the importance of regularly reviewing and updating SaaS security practices to ensure ongoing protection of data. And you dont want to delete data too quickly and put your organization at risk of regulatory violations. Having been made aware of the breach on September 24, 2022, Microsoft released a statement saying it had secured the comprised endpoint, which is now only accessible with required authentication, and that an investigation found no indication customer accounts or systems were compromised.. The hacker gained access to the personal data through an employee's email that contained sensitive information including patient names, medical information, and test results. 4 Work Trend Index 2022, Microsoft. It isnt known whether the information was accessed by cybercriminals before the issues were addressed. Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak. Azure and Breach Notification under the GDPR further details how Microsoft investigates, manages, and responds to security incidents within Azure. With information from the database, attackers could create tools to break into systems by exploring the vulnerabilities, potentially allowing them to target hundreds of millions of computers. "We are highly disappointed about MSRCs comments and accusations after all the cooperation and support provided by us that absolutely prevented the global cyber disaster.". In March 2022, the group posted a torrent file online containing partial source code from . The intrusion was only detected in September 2021 and included the exposure and potential theft of . On March 20, 2022, the infamous hacker group Lapsus$ announced that they had successfully breached Microsoft. Senator Markey calls on Elon Musk to reinstate Twitter's accessibility team. The details which included names, gamer tags, birthdays, and emails were accidentally published online and not accessed via a hack. Exposed data included names, email addresses, email content, company name and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. On February 21, Activision acknowledged that they suffered a data breach in December 2022, after a hacker tricked an employee via an SMS phishing attack. Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users, Microsoft pointed out. 3:18 PM PST February 27, 2023. > Redmond added that the leak was caused by the "unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem" and *not due to a security vulnerability.*. BlueBleed discovered 2.4TB of data, including 335,000 emails, 133,000 projects, and 584,000 exposed users, according to a report on Bleeping Computer. 1. ", According to aMicrosoft 365 Admin Centeralertregarding this data breach published on October 4, 2022, Microsoft is "unable to provide the specific affected data from this issue.". It confirms that it was notified by SOCRadar security researchers of a misconfigured Microsoft endpoint on Sept. 24, 2022. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedias security news reporter. In relatively short order, it was determined that four zero-day vulnerabilities were allowing unauthorized parties to access data, deploy malware, hijack servers, and access backdoors to reach other systems. Microsoft Data Breach Source: youtube.com. The vulnerability allowed attackers to gain the same access privileges as an authorized user with administrative rights, giving the hackers the ability to take complete control of an impacted system. 'Xbox will exist' if Activision Blizzard deal falls through, says Microsoft's Phil Spencer, A London musician recorded with Muse and Phil Collins, now he's co-producing with ChatGPT, Windows Central Podcast #301: Windows 11, Xbox, Bing. Today's tech news, curated and condensed for your inbox. It isnt clear how many accounts were impacted, though Microsoft described it as a limited number. Additionally, the tech giant asserted that email contents and attachments, as well as login credentials, were not compromised in the hack. From the article: Data discovery, data classification, and data protection strategies can help you find and better protect your companys sensitive data. They also can diminish the trust of those who become the victims of identity theft, credit card fraud, or other malicious activities as a result of those breaches. All Rights Reserved. Can somebody tell me how much BlueBleed (socradar.io) is trustworthy? Welcome to Cyber Security Today. Microsoft was alerted by security researchers at SOCRadar about a misconfigured endpoint that had exposed some customer information. The data discovery process can surprise organizationssometimes in unpleasant ways. The exposed data includes, for example, emails from US .gov, talking about O365 projects, money etc - I found this not via SOCRadar, it's cached. Though the number of breaches reported in the first half of 2022 . by The company learned about the misconfiguration on September 24 and secured the endpoint. No data was downloaded. Many feel that a simple warning in technical documentation isnt sufficient, potentially putting part of the blame on Microsoft. (Joshua Goldfarb), Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies. In July 2021, the Biden administration and some U.S. allies formally stated that they believed China was to blame. Upon being notified of the misconfiguration, the endpoint was secured. Join this webinar to gain clear advice on the people, process and technology considerations that must be made at every stage of an OT security programs lifecycle. Security Trends for 2022. SOCRadar claims that it shared with Microsoft its findings, which detailed that a misconfigured Azure Blob Storage was compromised and might have exposed approximately 2.4TB of privileged data, including names, phone numbers, email addresses, company names, and attached files containing proprietary company information, such as proof of concept documents, sales data, product orders, among other information. On March 20, 2022, the hacker group Lapsus$ posted a screenshot to their Telegram channel indicating that they had breached Microsoft. Common types of sensitive data include credit card numbers, personally identifiable information (PII) like a home address and date of birth, Social Security Numbers (SSNs), corporate intellectual property (IP) like product schematics, protected health information (PHI), and medical record information that could be used to identify an individual. The security firm noted that while Microsoft might have taken swift action on fixing the misconfigured server, its research was able to connect the 65,000 entities uncovered to a file data composed between 2017 and 20222, according to Bleeping Computer. According to a posttoday by the Microsoft Security Response Center, the breach related to a misconfigured Microsoft endpoint that was detected by security researchers at SOCRadar Cyber Intelligence Inc. on Sept. 24. In a year of global inflation and massive rises in energy costs, it should come as no surprise that the cost of a data breach has also reached . Computing giant Microsoft is no stranger to cyberattacks, and on March 20th 2022 the firm was targeted by a hacking collective called Lapsus$. Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies. A representative for LinkedIn reported to Business Insider that this data was scraped from publicly available data on the platform. Several members of the group were later indicted, and one member, David Pokora, became the first foreign hacker to ever receive a sentence on U.S. soil. Microsoft has confirmed sensitive information from. "Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users," Microsoft said. On March 20 th 2022, the Lapsus$ group shared a snapshot to its Telegram channel showing that they have breached Microsoft. Microsoft is facing criticism for the way it disclosed a recent security lapse that exposed what a security company said was 2.4 terabytes of data that included signed invoices and contracts . "The leaked data does not belong to us, so we keep no data at all," Seker told Bleeping Computer, noting that his company was disappointed with Microsoft's accusations. Instead, we recommend an approach that integrates data protection into your existing processes to protect sensitive data. The research firm insists that it has not overstepped any privacy protocols in its work and none of the information it uncovered was saved on its end. Please refresh the page and try again. Humans are the weakest link. The first few months of 2022 did not hold back. Some records contained highly sensitive personal information, such as full names, birth dates, Social Security numbers, addresses, and demographic details. Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. This miscongifuration resulted in the possibility of "unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers". In a revelation this week, Microsoft's Security Response Center (MSRC) said it was notified by threat intelligence firm SOCRadar on September 24 . Every level of an organizationfrom IT operations and red and blue teams to the board of directors could be affected by a data breach. For instance, an employee may have stored a customers SSN in an unprotected Microsoft 365 site or third-party cloud without your knowledge. The group posted a screenshot on Telegram to. "We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.". Thank you, CISA releases free Decider tool to help with MITRE ATT&CK mapping, Terms of Use - Privacy Policy - Ethics Statement, Copyright @ 2003 - 2023 Bleeping Computer LLC - All Rights Reserved. A configuration issue allowed customers to download Offline Address Books which contained business contact information for employees of other users inadvertently. SOCRadar'sdata leak search portal is namedBlueBleed and it allowscompaniesto find if their sensitive info wasalso exposed with the leaked data. Misconfigured Public Cloud Databases Attacked Within Hours of Deployment, Critical Vulnerabilities in Azure PostgreSQL Exposed User Databases, Microsoft Confirms NotLegit Azure Flaw Exposed Source Code Repositories, Industry Experts Analyze US National Cybersecurity Strategy, Critical Vulnerabilities Allowed Booking.com Account Takeover, Information of European Hotel Chains Customers Found on Unprotected Server, New CISA Tool Decider Maps Attacker Behavior to ATT&CK Framework, Dish Network Says Outage Caused by Ransomware Attack, Critical Vulnerabilities Patched in ThingWorx, Kepware IIoT Products, 33 New Adversaries Identified by CrowdStrike in 2022, Vulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites, EPA Mandates States Report on Cyber Threats to Water Systems, Thousands of Websites Hijacked Using Compromised FTP Credentials, Organizations Warned of Royal Ransomware Attacks, White House Cybersecurity Strategy Stresses Software Safety, Over 71k Impacted by Credential Stuffing Attacks on Chick-fil-A Accounts, BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems, Advancing Women in Cybersecurity One CMOs Journey. Microsoft confirmed that a misconfigured system may have exposed customer data. Not really. The software giant, Microsoft, was hacked by the online criminal collective known as the Lapsus Hackers. This trend will likely continue in 2022 as attackers continue to seek out vulnerabilities in our most critical systems. According to the newest breach statistics from the Identity Theft Research Center, the number of victims . Greetings! BidenCash market leaks over 2 million stolen credit cards for free, White House releases new U.S. national cybersecurity strategy, Chick-fil-A confirms accounts hacked in months-long "automated" attack, BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11, The Week in Ransomware - March 3rd 2023 - Wide impact attacks, Brave Search launches AI-powered summarizer in search results, FBI and CISA warn of increasing Royal ransomware attack risks, Remove the Theonlinesearch.com Search Redirect, Remove the Smartwebfinder.com Search Redirect, How to remove the PBlock+ adware browser extension, Remove the Toksearches.xyz Search Redirect, Remove Security Tool and SecurityTool (Uninstall Guide), How to remove Antivirus 2009 (Uninstall Instructions), How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo, How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller, Locky Ransomware Information, Help Guide, and FAQ, CryptoLocker Ransomware Information Guide and FAQ, CryptorBit and HowDecrypt Information Guide and FAQ, CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ, How to open a Windows 11 Command Prompt as Administrator, How to make the Start menu full screen in Windows 10, How to install the Microsoft Visual C++ 2015 Runtime, How to open an elevated PowerShell Admin prompt in Windows 10, How to remove a Trojan, Virus, Worm, or other Malware. After SCORadar flagged a Microsoft data breach at the end of October, the company confirmed that a server misconfiguration had caused 65,000+ companies' data to be leaked. Microsoft. The screenshot posted to their Telegram channel showed that Bing, Cortana, and other projects had been compromised in the attack. Microsoft stated that a very small number of customers were impacted by the issue. With that in place, many users were unaware that their previous, separate Skype password remained stored, allowing it to be used to login to Skype specifically from other devices. However, the organizations are ultimately the ones that applied the settings, making them responsible for the leaks, as well. Microsoft disputed SOCRadar's claims and fired back at the researchers stating that their estimations are over-exaggerated.