The company added that no customer code or data was compromised in the attack. The hackers then leaked the stolen data on their Telegram channel.Īs Microsoft explained, the attackers compromised one of their employee's accounts and gained limited access to source code repositories. The infamous Lapsus$ hacker group breached Microsoft’s Azure DevOps server and stole 37 GB of data, mainly source code for the various internal Microsoft projects, including Bing, Bing Maps, and Cortana. Microsoft hacked by Lapsus$ data extortion group An investigation revealed that the database itself was secure, but that a management dashboard was publicly accessible from the open internet. The attackers exfiltrated the data from a database hosted by Alibaba Cloud, a subsidiary of Chinese e-commerce giant Alibaba. The stolen information contained names, phone numbers, government ID numbers, and police reports. ![]() Hackers stole data of more than 1 billion Chinese citizens from a Shanghai police database and tried to extort the department for about $200,000 in what appears to be one of the most extensive data breaches to date. The biggest data leak in the history of China to date Microsoft confirmed the incident, but said that the scope of the issue was greatly exaggerated and that a lot of data in question was duplicate information. Dubbed “BlueBleed,” the data leak included Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, customer emails, internal documents for customers, partner ecosystem details, internal comments for customers, and other information. 2.4TB BlueBleed data leakĢ.4TB of Microsoft customer data belonging to more than 65,000 companies across over 100 countries was exposed due to a misconfigured Azure Blob Storage bucket. It was found that the company was using an AWS S3 bucket to store data but failed to implement any security measures. However, around the same time security researchers reported of a separate breach involving a FlexBooker cloud server that exposed personal data of up to 19 million users. The breach came to light in January 2022, with the company claiming it resolved the issue. The stolen data was then posted for sale on various hacker forums. The compromised data included names, email addresses, and phone numbers, and in some cases password hashes and partial credit card information. US-based digital scheduling platform FlexBooker suffered a data breach that involved sensitive information of 3.7 million users after threat actors breached its AWS (Amazon Web Services) server. Here's a look at the biggest cloud security incidents in 2022. However, a recent report says that more than 80% of organizations have experienced a cloud-related security incident over the past 12 months.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |