Microsoft data breach 2022

The software giant, Microsoft, was hacked by the online criminal collective known as the Lapsus Hackers. "We've confirmed that the endpoint has been secured as of Saturday, September 24, 2022, and it is now only accessible with required authentication," Microsoft said. They are accountable for protecting information and sharing data via processes and workflows that enable protection, while also not hindering workplace productivity. Update October 19, 14:44 EDT: Added more info on SOCRadar's BlueBleed portal. A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services. Overall, at least 47 companies unknowingly made stored data publicly accessible, exposing at least 38 million records. Though Microsoft would not reveal how many people were impacted, SOCRadar researchers claimed that 65,000 entities across 111 countries may have had their data compromised, which includes names, phone numbers, email addresses and content, company name, and attached files containing proprietary company information like proof of concept documents, sales data, product orders, and more. In November 2016, word of pervasive spam messages coming from Microsoft Skype accounts broke. A global wave of cyberattacks and data breaches began in January 2021 after four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network. A cybercriminal gang, Lapsus$, managed to breach some of the largest tech companies in the world - including Samsung, Ubisoft, and most recently, Microsoft Bing.
For instance, you may collect personal data from customers who want to learn more about your services. Humans are the weakest link. In 2021, the effects of ransomware and data breaches were felt by all of us. 3. Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, organizations can have thousands of sensitive documents, making manual identification and classification of data untenable because the process would be too slow and inaccurate. The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor's algorithm to crack PKI encryption. In it, they asserted that no customer data had been compromised; per Microsoft's description, only a single account was hijacked, and the company's security team was able to stop the attack before Lapsus$ could infiltrate any deeper into their organization. The main concern is that the data could make the customers prime targets for scammers, as it would make it easier for them to impersonate Microsoft support personnel. In recent years under the leadership of CEO Satya Nadella, Microsoft made data security and privacy practices central pillars of its operations, so it is refreshing to see the company take swift action to correct the security flaw. April 19, 2022. The cost of a data breach in 2022 was $4.35M - a 12.7% increase compared to 2020, when the cost was $3.86M. "On this query page, companies can see whether their data is published anonymously in any open buckets."
Microsoft has criticised security firm SOCRadar for "exaggerating" the extent of the data leak and for making a search tool that allows organisations to see if their data was exposed. While many data breaches and leaks have plagued the internet in the past, this one is exceptional in the sheer size of it. The company secured the server after being notified of the leak on September 24, 2022 by security researchers at threat intelligence firm SOCRadar. With that in place, many users were unaware that their previous, separate Skype password remained stored, allowing it to be used to log in to Skype specifically from other devices. Here's how it works. Leveraging security products that enable auto-labeling of sensitive data across an enterprise is one method, among several that help overcome these data challenges. 2. Cyberattacks Against Health Plans, Business Associates Increase, Jill McKeon, HealthITSecurity xtelligent Healthcare Media. Of an estimated 294 million people hacked in 2021, about 164 million were at risk because of data exposure events, when sensitive data is left vulnerable online.3 Microsoft confirmed that a misconfigured system may have exposed customer data. Scans for data will pick up those surprise storage locations. Back in December, the company shared a statement confirming . This trend will likely continue in 2022 as attackers continue to seek out vulnerabilities in our most critical systems. Why does Tor exist? The unintentional misconfiguration was on an endpoint that was not in use across the Microsoft ecosystem and was not the result of a security vulnerability. They also can diminish the trust of those who become the victims of identity theft, credit card fraud, or other malicious activities as a result of those breaches. Sensitive data can live in unexpected places within your organization. The breach . Data leakage protection tools can protect sensitive documents, which is important because laws and regulations make companies accountable.
The intrusion was only detected in September 2021 and included the exposure and potential theft of . The data included information such as email addresses and phone numbers, all the more reason to keep sensitive details from public profiles. The tech giant said it quickly addressed the issue and notified impacted customers. Some of the original attacks were traced back to Hafnium, which originates in China. That allowed them to install a keylogger onto the computer of a senior engineer at the company. BlueBleed discovered 2.4TB of data, including 335,000 emails, 133,000 projects, and 584,000 exposed users, according to a report on Bleeping Computer. "We are highly disappointed about MSRC's comments and accusations after all the cooperation and support provided by us that absolutely prevented the global cyber disaster." Successfully managing the lifecycle of data requires that you keep data for the right amount of time. For example, through the flaw, which was related to Internet Explorer 6 specifically, attackers gained the ability to download malware onto a Google employee's computer, giving them access to proprietary information. Can somebody tell me how much BlueBleed (socradar.io) is trustworthy? A hacking group known as the Xbox Underground repeatedly hacked Microsoft systems between 2011 and 2013. February 21, 2023. Per SOCRadar's analysis, these files contain customer emails, SOW documents, product offers, POC (Proof of Concept) works, partner ecosystem details, invoices, project details, customer product price list, POE documents, product orders, signed customer documents, internal comments for customers, sales strategies, and customer asset documents. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. In May 2016, security experts discovered a data cache featuring 272.3 million stolen account credentials.
It all began in August 2022, when LastPass revealed that a threat actor had stolen the app's source code. December 28, 2022, 10:00 AM EST. For its part, Microsoft claimed that it had quickly secured its servers upon being notified, and that it has alerted affected customers of the potential data breach. "More importantly, we are disappointed that SOCRadar has chosen to release publicly a 'search tool' that is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk," Microsoft added in its response. For the 2022 report, Allianz gathered insights from 2,650 risk management experts from 89 countries and territories. Threat intelligence firm SOCRadar reported that a Microsoft customer data breach affected hundreds of thousands of users from thousands of entities worldwide. Microsoft uses the following classifications: Identifying data at scale is a major challenge, as is enforcing a process so employees manually mark documents as sensitive. March 16, 2022. Once within the system, attackers could also view, alter, or remove data, create new user accounts, and more. The victim was reportedly one of only four employees at the company that had access to a shared folder that provided the keys to customer vaults. Microsoft has not been pleased with SOCRadar's handling of this breach, having stated that encouraging entities to use its search tool is "not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk." Considering the potentially costly consequences, how do you protect sensitive data?
"Some of the data were crawled by our engine, but as we promised to Microsoft, no data has been shared so far, and all this crawled data was deleted from our systems," SOCRadar VP of Research and CISO Ensar Şeker told BleepingComputer. According to the security firm, the leak, dubbed "BlueBleed I", covers data from 65,000 "entities" in 111 countries, from between 2017 and August 2022. Search can be done via metadata (company name, domain name, and email). Microsoft Breach 2022! So, tell me Mr. & Mrs. Microsoft, would there be any chance at all that you may in fact communicate with your customer base. But there weren't any other safeguards in place, such as a warning notification inside the software announcing that a system change would make the data public. The tech giant has thanked SOCRadar, but it's not happy with the company's blog post, claiming that it greatly exaggerates the scope of the issue and the numbers involved. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," the company revealed. Additionally, the configuration issue involved was corrected within two hours of its discovery. Microsoft has confirmed that it inadvertently exposed information related to prospective customers, but claims that the company which reported the incident has exaggerated the numbers. Microsoft is another large enterprise that suffered two major breaches in 2022. Instead, we recommend an approach that integrates data protection into your existing processes to protect sensitive data.
Of the files that were collected, SOCRadar's analysis revealed that these included proof of concept works, internal comments and sales strategies, customer asset documents, product orders, offers, and more. In 2020, Equifax was made to pay further settlements relating to the breach: $7.75 million (plus $2 million in legal fees) to financial institutions in the US plus $18.2 million and $19.5 million . Let's look at four of the biggest challenges of sensitive data and strategies for protecting it. Learn more about how to protect sensitive data. Microsoft added today that it believes SOCRadar "greatly exaggerated the scope of this issue" and "the numbers." No data was downloaded. As a result, the impact on individual companies varied greatly. In July 2021, the Biden administration and some U.S. allies formally stated that they believed China was to blame. "This is simply something organizations that are hosting applications and data in any of the various cloud platforms need to understand," Kron added. The company revealed that information that may have been exposed as a result of the breach includes names, email addresses, email content, company name, phone numbers, and other attached files, but Microsoft stopped short of revealing how many entities were impacted. Aside from the researchers, it isn't clear whether the data was accessed by third parties, including potential attackers. Like many underground phenomena on the internet, it is poorly understood and shrouded in the sort of technological mysticism that people often ascribe to things like hacking or Bitcoin.
October 2022: 548,000+ Users Exposed in BlueBleed Data Leak. Neiman Marcus: In October, Neiman Marcus made a data breach that occurred in May 2020 public. The data classification process involves determining data's sensitivity and business impact so you can knowledgeably assess the risks. Through the vulnerabilities, the researchers were able to gain complete access to data, including a selection of databases and some customer account information relating to thousands of accounts. Microsoft Digital Defense Report 2022: Illuminating the threat landscape and empowering a digital defense. Then, Flame returned a malicious executable file featuring a rogue certificate, causing the uninfected machine to download malware. As mentioned earlier, data discovery requires locating all the places where your sensitive data is stored.
"We have directly notified the affected customers." Microsoft disputed SOCRadar's claims and fired back at the researchers stating that their estimations are over-exaggerated. Hopefully, this will help organizations understand the importance of data security and how to better allocate their security budgets. November 16, 2022. The messages were being sent through compromised accounts, including users that signed up for Microsoft's two-factor authentication. However, with the sheer volume of hacks, it's likely that multiple groups took advantage of the vulnerability. In a revelation this week, Microsoft's Security Response Center (MSRC) said it was notified by threat intelligence firm SOCRadar on September 24 . "Security researchers at SOCRadar informed Microsoft on September 24, 2022, of a misconfigured Microsoft endpoint," Microsoft wrote in a detailed security response blog post. This presentation will provide an overview of the security risks associated with SaaS, best practices for mitigating these risks and protecting data, and discuss the importance of regularly reviewing and updating SaaS security practices to ensure ongoing protection of data. Redmond added that the leak was caused by the "unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem" and not due to a security vulnerability. For their part, Lapsus$ has repeatedly stated that their motivations are purely financial: "Remember: The only goal is money, our reasons are not political." They appear to exploit insider threats, and recently posted a notice asking tech workers to compromise their employers. The research firm insists that it has not overstepped any privacy protocols in its work and none of the information it uncovered was saved on its end.
The exposed information allegedly included over 335,000 emails, 133,000 projects, and 548,000 users. It isn't clear how many accounts were impacted, though Microsoft described it as a limited number. Additionally, the tech giant asserted that email contents and attachments, as well as login credentials, were not compromised in the hack.