The exposed data amounted to a massive 38 terabytes, which included backups from the computers of two Microsoft employees, passwords for Microsoft services, and over 30,000 Teams chat messages exchanged among Microsoft staff. The researchers explained that the storage account itself couldn’t be accessed directly. Instead, Microsoft’s AI team had generated a shared access signature token (SAS) that granted excessive permissions. SAS tokens allow Azure users to create shareable links for data stored in Azure Storage accounts.
Wiz promptly notified Microsoft of their discovery on June 22, and the SAS token was revoked just two days later. Microsoft then conducted a comprehensive investigation, which took nearly three weeks to complete. The company ultimately determined that the sensitive data had not been accessed by any unauthorized third parties.
