The most recent Microsoft breach occurred in October 2022, when data on over 548,000 users was found on a misconfigured server. As of April 2023, we have found no reported Microsoft data breaches since this incident.

Below, you’ll find a full timeline of Microsoft data breaches and security incidents, starting with the most recent.

October 2022: 548,000+ Users Exposed in BlueBleed Data Leak

On October 19th, security firm SOCRadar identified over 2.4 terabytes of exposed data on a misconfigured Microsoft endpoint. By SOCRadar’s account, this data pertained to over 65,000 companies and 548,000 users, and included customer emails, project information, and signed documents.

Microsoft acknowledged the data leak in a blog post. They also said they had secured the endpoint and notified the accounts that had been compromised, and elaborated that they found no evidence customer accounts had actually been compromised - only exposed. Microsoft also disputed some key details of SOCRadar’s findings:

“After reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue. Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.”

March 2022: Lapsus$ Group Breaches Microsoft

On March 20, 2022, the hacker group Lapsus$ posted a screenshot to their Telegram channel indicating that they had breached Microsoft. The screenshot was taken within Azure DevOps, a collaboration software created by Microsoft, and indicated that Bing, Cortana, and other projects had been compromised in the breach.

On March 22, Microsoft issued a statement confirming that the attacks had occurred. In it, they asserted that no customer data had been compromised; per Microsoft’s description, only a single account was hijacked, and the company’s security team was able to stop the attack before Lapsus$ could infiltrate any deeper into their organization.

In a lengthy blog post, Microsoft’s security team described Lapsus$ as “a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.” They go on to describe the group’s tactics in great detail, indicating that Microsoft had been studying Lapsus$ carefully before the incident occurred.

For their part, Lapsus$ has repeatedly stated that their motivations are purely financial: “Remember: The only goal is money, our reasons are not political.” They appear to exploit insider threats, and recently posted a notice asking tech workers to compromise their employers.

Lapsus$ screenshot showing their breach of Microsoft.

You can read more in our article on the Lapsus$ group’s cyberattacks.

August 2021: Organizations Expose 38 Million Records Due to Power Apps Misconfiguration

In August 2021, word of a significant data leak emerged. The issue arose due to misconfigured Microsoft Power Apps portals settings. Overall, at least 47 companies unknowingly made stored data publicly accessible, exposing at least 38 million records.

Since dozens of organizations – including American Airlines, Ford Motor Co., and the New York Metropolitan Transportation Authority – were involved, the nature of the exposed data varied. In some cases, it was employee file information. In others, it was data relating to COVID-19 testing, tracing, and vaccinations. Some records contained highly sensitive personal information, such as full names, birth dates, Social Security numbers, addresses, and demographic details.

The issue was discovered by UpGuard, a cybersecurity firm, and was promptly reported to Microsoft and impacted organizations, allowing the tech giant and the other companies and agencies to address the problem and plug the leaks. It isn’t known whether the information was accessed by cybercriminals before the issues were addressed.