Massive Microsoft Azure Database Containing Sensitive Data Discovered and Locked Down by Researchers
Researchers from cybersecurity firm Wiz have uncovered a significant Microsoft Azure cloud storage database that was left unlocked and contained sensitive information, including private keys and passwords. Fortunately, the database belonged to Microsoft’s own AI researchers, and it was secured before any unauthorized access occurred.
The discovery was made while Wiz researchers were investigating instances of accidental data exposure in cloud-hosted environments. They stumbled upon a Microsoft GitHub repository that contained open-source code for AI models designed for image recognition. These models were hosted on an Azure Storage URL, but a critical human error led to the inclusion of unauthorized data in the storage.