Below, you'll find a full timeline of Microsoft data breaches and security incidents, starting with the most recent. Microsoft Corp. today revealed details of a server misconfiguration that may have compromised the data of some potential customers in September. Humans are the weakest link. To abide by the data minimization principle, once the data is no longer serving its purpose, it must be deleted. Like many underground phenomena on the internet, it is poorly understood and shrouded in the sort of technological mysticism that people often ascribe to things like hacking or Bitcoin. Though Microsoft would not reveal how many people were impacted, SOCRadar researchers claimed that 65,000 entities across 111 countries may have had their data compromised, which includes. He graduated from the University of Virginia with a degree in English and History. In April 2019, Microsoft announced that hackers had acquired a customer support agent's credentials, giving them access to some webmail accounts including @outlook.com, @msn.com, and @hotmail.com accounts between January 1, 2019, and March 28, 2019. A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services. January 31, 2022. It isn't known whether the information was accessed by cybercriminals before the issues were addressed. It isn't clear how many accounts were impacted, though Microsoft described it as a limited number. Additionally, the tech giant asserted that email contents and attachments, as well as login credentials, were not compromised in the hack. You can read more in our article on the Lapsus$ group's cyberattacks.
Microsoft, one of the world's largest technology companies, suffered a serious security breach in March 2022. Additionally, the configuration issue involved was corrected within two hours of its discovery. In October 2017, word broke that an internal database Microsoft used to track bugs within Microsoft products and software was compromised back in 2013. Trainable classifiers identify sensitive data using data examples. Along with accessing computer networks without authorization, the group used stolen credentials to get into a secured building and acquired development kits. In July 2021, the Biden administration, along with the FBI, accused China of the data breach. Microsoft said the scale of the data breach has been 'greatly exaggerated', while SOCRadar claims around 65,000 companies were impacted. The yearly average data breach cost increased the most between the years 2020 and 2021 - a spike likely influenced by the COVID-19 pandemic. History has shown that when it comes to ransomware, organizations cannot let their guards down. Flame wasn't just capable of infecting machines; it could also spread itself through a network using a rogue Microsoft certificate. The data discovery process can surprise organizations, sometimes in unpleasant ways. BlueBleed discovered 2.4TB of data, including 335,000 emails, 133,000 projects, and 584,000 exposed users, according to a report on Bleeping Computer. When an unharmed machine attempted to apply a Microsoft update, the request was intercepted before reaching the Microsoft update server. Posted: Mar 23, 2022 5:36 am. A threat group calling itself Lapsus$ announced recently that it had gained access to the source code of Microsoft products such as Bing and Cortana.
"Threat actors who may have accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels," SOCRadar warned. In August 2021, security professionals at Wiz announced that they were able to access customer databases and accounts housed on Microsoft Azure, a cloud-based computing platform, including records and data relating to many Fortune 500 companies. Additionally, Microsoft hadn't planned to release a patch until the next scheduled major update for Internet Explorer, though it ultimately had to accelerate its plan when attackers took advantage of the vulnerability. After several rounds of layoffs, Twitter's staff is down from . Microsoft admits a storage misconfiguration, data tracker leads to a data breach at a second US hospital chain, and more. A cybercriminal gang, Lapsus$, managed to breach some of the largest tech companies in the world - including Samsung, Ubisoft, and most recently, Microsoft Bing. However, the failure of the two-factor authentication system places at least some of the blame on the tech giant. For example, through the flaw, which was related to Internet Explorer 6 specifically, attackers gained the ability to download malware onto a Google employee's computer, giving them access to proprietary information. However, it would have been nice to see more transparency from Microsoft about the severity of the breach and how many people may have been impacted, especially in light of the data that SOCRadar was able to collect. You can think of it like a B2B version of haveIbeenpwned. "Our team was already investigating the.
On February 21, Activision acknowledged that they suffered a data breach in December 2022, after a hacker tricked an employee via an SMS phishing attack. Our in-depth investigation and analysis of the data set shows duplicate information, with multiple references to the same emails, projects, and users. The first few months of 2022 did not hold back. Neiman Marcus: In October, Neiman Marcus made a data breach that occurred in May 2020 public. Michael X. Heiligenstein is the founder and editor-in-chief of the Firewall Times. 3:18 PM PST February 27, 2023. The company learned about the misconfiguration on September 24 and secured the endpoint. A couple of well-known brands, for instance, were fined hundreds of millions of euros in 2021. The database wasn't properly password-protected for approximately one month (December 5, 2019, through December 31, 2019), making the details accessible to anyone with a web browser who managed to connect to the database. Due to persistent pressure from Microsoft, we even have to take down our query page today. Update October 19, 14:44 EDT: Added more info on SOCRadar's BlueBleed portal. The data included information such as email addresses and phone numbers, all the more reason to keep sensitive details from public profiles. One day companies are going to figure out just how bad a decision it was to move everything to and become dependent on a cloud. Data Breach Response: Microsoft determines appropriate priority and severity levels of a breach by investigating the functional impact, recoverability, and information impact of the incident. More than a quarter of IT leaders (26%) said a severe . Back in December, the company shared a statement confirming .
Kron noted that although cloud services can be very convenient, and if secured properly, also very secure, when a misconfiguration occurs, the information can be exposed to many more potential people than on traditional internal on-premise systems. Microsoft customers find themselves in the middle of a data breach situation. Attackers gained access to the SolarWinds system, giving them the ability to use software build features. Microsoft (MSFT) has confirmed it was breached by the hacker group Lapsus$, adding to the cyber gang's growing list of victims. Leveraging security products that enable auto-labeling of sensitive data across an enterprise is one method, among several, that helps overcome these data challenges. This incident came to light in January 2021 when a security specialist noticed some anomalous activity on a Microsoft Exchange Server operated by a customer, namely that an odd presence on the server was downloading emails. "We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error." January 25, 2022. January 17, 2022. The issue was discovered by UpGuard, a cybersecurity firm, and was promptly reported to Microsoft and impacted organizations, allowing the tech giant and the other companies and agencies to address the problem and plug the leaks. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter.
"Some of the data were crawled by our engine, but as we promised to Microsoft, no data has been shared so far, and all this crawled data was deleted from our systems," SOCRadar VP of Research and CISO Ensar Şeker told BleepingComputer. "We have directly notified the affected customers." Earlier this year, Microsoft, along with other technology firms, made headlines for a series of unrelated breaches as a result of cyber hacking from the Lapsus$ group. The company secured the server after being notified of the leak on September 24, 2022 by security researchers at threat intelligence firm SOCRadar. Common types of sensitive data include credit card numbers, personally identifiable information (PII) like a home address and date of birth, Social Security Numbers (SSNs), corporate intellectual property (IP) like product schematics, protected health information (PHI), and medical record information that could be used to identify an individual. The intrusion was only detected in September 2021 and included the exposure and potential theft of . The most recent Microsoft breach occurred in October 2022, when data on over 548,000 users was found on a misconfigured server. The cost of a data breach in 2022 was $4.35M - a 12.7% increase compared to 2020, when the cost was $3.86M. Okta and Microsoft breached by Lapsus$ hacking group, by Maria Deutscher (updated 13:14 EST, March 22, 2022): The Lapsus$ hacking group has carried out cyberattacks against Okta Inc. Scans for data will pick up those surprise storage locations. The company also stated that it has directly contacted customers that were affected by the breach.
Azure and Breach Notification under the GDPR further details how Microsoft investigates, manages, and responds to security incidents within Azure. At the time, the cache was one of the largest ever uncovered, and only came to light when a Russian hacker discussed the collected data on an online forum. Overall, it's believed that less than 1,000 machines were impacted. "We've confirmed that the endpoint has been secured as of Saturday, September 24, 2022, and it is now only accessible with required authentication," Microsoft said. Breaches of sensitive data are extremely costly for organizations when you tally data loss, stock price impact, and mandated fines from violations of General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), or other regulations. "We are highly disappointed about MSRC's comments and accusations after all the cooperation and support provided by us that absolutely prevented the global cyber disaster." Successfully managing the lifecycle of data requires that you keep data for the right amount of time. Once within the system, attackers could also view, alter, or remove data, create new user accounts, and more. Microsoft has confirmed sensitive information from. (Torsten George), The conventional tools we rely on to defend corporate networks are creating gaps in network visibility and in our capabilities to secure them. Additionally, they breached certain developer systems, including those operated by Zombie Studios, a company behind the Apache helicopter simulator used by the U.S. military. Sensitive data can live in unexpected places within your organization. Almost 70,000 patients had their personal data compromised in a recent breach of Kaiser Permanente.
On March 22, Microsoft issued a statement confirming that the attacks had occurred. Microsoft solutions offer audit capability where data can be watched and monitored but doesn't have to be blocked. Among the company's products is an IT performance monitoring system called Orion. However, News Corp uncovered evidence that emails were stolen from its journalists. Not really. This misconfiguration resulted in the possibility of "unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers". It can be overridden too so it doesn't get in the way of the business. Microsoft was alerted by security researchers at SOCRadar about a misconfigured endpoint that had exposed some customer information.