this post was submitted on 18 Sep 2023
432 points (99.3% liked)

Sysadmin

7634 readers
2 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago
MODERATORS
DarraignTheSane@lemmy.world
00Lemming@lemmy.world
L3s@lemmy.world
432
Microsoft leaks 38TB of private data via unsecured Azure storage (www.bleepingcomputer.com)
submitted 1 year ago by 123@lemm.ee to c/sysadmin@lemmy.world
42 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Nighed@sffa.community 78 points 1 year ago (2 children)

The exposed data included backups of personal information belonging to Microsoft employees, including passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages originating from 359 Microsoft employees.

In an advisory on Monday by the Microsoft Security Response Center (MSRC) team, Microsoft said that no customer data was exposed, and no other internal services faced jeopardy due to this incident.

[–] jmcs@discuss.tchncs.de 45 points 1 year ago (2 children)

Wait, they stored passwords in plain text?

[–] possiblylinux127@lemmy.zip 31 points 1 year ago

Possibly or as a weak hash

[–] elbarto777@lemmy.world 26 points 1 year ago* (last edited 1 year ago) (1 children)

Always have done so.

🧑‍🚀🔫

[–] clearedtoland@lemmy.world 11 points 1 year ago

This is like the evolution of the “loss” meme. Gave me a chuckle.

[–] raspberriesareyummy@lemmy.world 12 points 1 year ago (2 children)

Microsoft said that no customer data was exposed

Sure, we'll just take your word for it, buddies. Cheers. /laughs in Linux

[–] Random_user@lemmy.world 14 points 1 year ago (1 children)

You can use Linux and still have a Microsoft account.

[–] raspberriesareyummy@lemmy.world 0 points 1 year ago

Can, but shouldn't. I have a work related Teams account, and one where I tried to rent a Windows VM for a consulting job. That's it though - no private data to get leaked. The work conversations would suck though, but I'll happily remind my boss et al why using Teams is a shitty idea in the first place.

[–] Sinthesis@lemmy.world 12 points 1 year ago (1 children)

Microsoft owns GitHub. The blast radius for this could be severe.

[–] raspberriesareyummy@lemmy.world -2 points 1 year ago

Yeah, but the naivety of people believing in secure clouds needs to die. So if this helps, I'm all for it.