The security firm noted that while Microsoft might have taken swift action on fixing the misconfigured server, its research was able to connect the 65,000 entities uncovered to a file data composed between 2017 and 2022, according to Bleeping Computer. December 28, 2022, 10:00 AM EST. For instance, an employee may have stored a customer's SSN in an unprotected Microsoft 365 site or third-party cloud without your knowledge. (Torsten George), The conventional tools we rely on to defend corporate networks are creating gaps in network visibility and in our capabilities to secure them. If you're looking for more privacy while browsing, Tor is a good way to do that, as it is software that allows users to browse the web anonymously. However, the organizations are ultimately the ones that applied the settings, making them responsible for the leaks, as well. I'd assume MS is telling no more than they are legally required to and even at that possibly framing the information as best as possible to downplay it all. Microsoft had been aware of the problem months prior, well before the hacks occurred. Not really. The hacker gained access to the personal data through an employee's email that contained sensitive information including patient names, medical information, and test results. "We redirect all our customers to MSRC if they want to see the original data." Microsoft exposed some of its customers' names, email addresses, and email content, among other sensitive data. January 17, 2022. For example, through the flaw, which was related to Internet Explorer 6 specifically, attackers gained the ability to download malware onto a Google employee's computer, giving them access to proprietary information.
November 7, 2022: ISO 27017 Statement of Applicability Certificate: A.16.1: Management of information security incidents and improvements: November 7, 2022: ISO 27018 Statement of Applicability Certificate: A.9.1: Notification of a data breach involving PII: November 7, 2022: SOC 1: IM-1: Incident management framework IM-2: Detection mechanisms . In 2022, it took an average of 277 days (about 9 months) to identify and contain a breach. The screenshot posted to their Telegram channel showed that Bing, Cortana, and other projects had been compromised in the attack. Was yours one of the billions of records stolen through breaches in recent years? Policies related to double checking configuration changes, or having them confirmed by another person, are not a bad idea when the outcome could lead to the exposure of sensitive data. A cybercriminal gang, Lapsus$, managed to breach some of the largest tech companies in the world - including Samsung, Ubisoft, and most recently, Microsoft Bing. Once the data is located, you must assign a value to it as a starting point for governance. The misconfiguration in this case happened on the part of the third-party companies, and was not directly caused by Microsoft. Hacker group LAPSUS$ - branded DEV-0537 in Microsoft's blog post . While the bulk was for a Russian email service, approximately 33 million, about 12 percent of the total stash, were for Microsoft Hotmail accounts. The cloud is nothing more than a tool, not the be all end all digital savior that it's marketed as and that many believe it to be. The biggest cyber attacks of 2022.
Below, you'll find a full timeline of Microsoft data breaches and security incidents, starting with the most recent. > Redmond added that the leak was caused by the "unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem" and *not due to a security vulnerability.* For their part, Lapsus$ has repeatedly stated that their motivations are purely financial: Remember: The only goal is money, our reasons are not political. They appear to exploit insider threats, and recently posted a notice asking tech workers to compromise their employers. Overall, Flame was highly targeted, limiting its spread. The company revealed that it was informed of the isolated incident by researchers at SOCRadar, though both companies remain in disagreement over how many users were impacted and best practices that cybersecurity researchers should take when they encounter a breach or leak in the future. Additionally, the configuration issue involved was corrected within two hours of its discovery. The issue was discovered by UpGuard, a cybersecurity firm, and was promptly reported to Microsoft and impacted organizations, allowing the tech giant and the other companies and agencies to address the problem and plug the leaks. On October 19th, security firm SOCRadar identified over 2.4 terabytes of exposed data on a misconfigured Microsoft endpoint. The company believes such tools should include a verification system to ensure that a user can only look for data pertaining to them, and not to other users. However, the failure of the two-factor authentication system places at least some of the blame on the tech giant. Lapsus took to social media to post a screen capture of the attack, making it clear that its team was deserving of what it considers .
The exposed data includes, for example, emails from US .gov, talking about O365 projects, money etc - I found this not via SOCRadar, it's cached. The cost of a data breach in 2022 was $4.35M - a 12.7% increase compared to 2020, when the cost was $3.86M. A representative for LinkedIn reported to Business Insider that this data was scraped from publicly available data on the platform. Though the number of breaches reported in the first half of 2022 . Microsoft also took issue with SOCRadar's use of the BlueBleed tool to crawl through servers to figure out what information, if any, may have been exposed as a result of security flaws or breaches.
The hackers then pushed out malicious updates to approximately 18,000 SolarWinds customers utilizing a supply chain attack approach, giving them access to the customers' systems, networks, and data. Instead of finding these breaches out by landing on a page by accident or not, is quite concerning. Some of the original attacks were traced back to Hafnium, which originates in China. He was imprisoned from April 2014 until July 2015. Microsoft Corp. today revealed details of a server misconfiguration that may have compromised the data of some potential customers in September. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," the company revealed. Security breaches are very costly. In July 2021, the Biden administration, along with the FBI, accused China of the data breach. Then, Flame returned a malicious executable file featuring a rogue certificate, causing the uninfected machine to download malware. The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. While Microsoft refrained from providing any additional details regarding this data leak, SOCRadar revealed in a blog post published today that the data was stored on misconfigured Azure Blob Storage. Microsoft data breach exposed sensitive data of 65,000 companies By Fionna Agomuoh October 20, 2022 Microsoft servers have been subject to a breach that might have affected over.
Microsoft has not been pleased with SOCRadar's handling of this breach, having stated that encouraging entities to use its search tool is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk. March 3, 2022: Laboratory Bako Diagnostics (BakoDX) confirmed that the company experienced a data breach resulting in the personal and healthcare information of certain consumers being compromised. On March 20, 2022, the infamous hacker group Lapsus$ announced that they had successfully breached Microsoft. Once within the system, attackers could also view, alter, or remove data, create new user accounts, and more. The tech giant has thanked SOCRadar, but it's not happy with the company's blog post, claiming that it greatly exaggerates the scope of the issue and the numbers involved. A post in M365 Admin Center, ignoring regulators and telling acct managers to blow off customers ain't going to cut it. Almost 2,000 data breaches reported for the first half of 2022. by Lance Whitney in Security. Numerous government agencies, including the Department of Defense, Department of Homeland Security, Department of Justice, and Federal Aviation Administration, among others, were impacted by the attack. The data classification process involves determining data's sensitivity and business impact so you can knowledgeably assess the risks. However, it's close to impossible to handle manually.
The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks. Besides what was found inside Microsoft's misconfigured server, BlueBleed also allows searching for data collected from five other public storage buckets. Microsoft was alerted by security researchers at SOCRadar about a misconfigured endpoint that had exposed some customer information. Where should the data live and where shouldn't it live? However, SOCRadar also responded by making its BlueBleed search portal available to Microsoft customers who might be concerned they have been affected by the leak. Posted: Mar 23, 2022 5:36 am. Microsoft asserted that there was no data breach on their side, claiming that hackers were likely using stolen email addresses and password combinations from other sources to access accounts. So, tell me Mr. & Mrs. Microsoft, would there be any chance at all that you may in fact communicate with your customer base. At the same time, the feds have suggested Microsoft and Twitter need to pull their socks up and make their products much more secure for their users, according to CNBC. (RTTNews) - Personal data of 38 million users were accidentally leaked due to a fault in Microsoft's (MSFT) Power Apps. In December 2020, vulnerabilities associated with SolarWinds, an infrastructure monitoring and management software solution, were exploited by Russian hackers.
