You are currently offline

Microsoft's Data Leak: Lessons in SAS Token Security and Best Practices

Microsoft's AI research team has inadvertently exposed a staggering 38 terabytes of personal data on GitHub while sharing open-source code and AI models designed for image recognition. This data breach transpired due to improperly configured Azure Shared Access Signature (SAS) tokens, which unintentionally permitted access to the entire storage account. The cybersecurity firm Wiz was the first to identify this issue, subsequently reporting it to Microsoft. Microsoft reacted promptly by revoking the problematic SAS token and taking measures to rectify the situation.

It's essential to note that no customer data was compromised as a result of this incident. Nevertheless, it serves as a stark reminder of the critical importance of adhering to stringent data security practices in cloud management. 

Microsoft underscored the necessity for proper SAS token management and has made valuable best practices publicly available. This event reinforces the significance of conducting regular audits and consistently improving data security protocols to safeguard sensitive information.


blank strive to empower readers with accurate insightful analysis and timely information on a wide range of topics related to technology & it's impact

Post a Comment (0)
Previous Post Next Post