Microsoft's Latest Security Breach: What's At Stake For Company Integrity And Trust?

Microsoft Corp. MSFT recently addressed a security lapse where internal company files and credentials were exposed to the internet.

What Happened: Security researchers from SOCRadar, including Can Yoleri, Murat Özfidan, and Egemen Koçhisarli, discovered an open Azure storage server hosting internal data related to Microsoft's Bing search engine.

The server, according to Techcrunch, contained crucial information (i.e., passwords, keys, and credentials), but lacked password protection, making it accessible to anyone online.

“The exposed data could potentially help malicious actors identify or access other places where Microsoft stores its internal files,” Yoleri said. “Identifying those storage locations could result in more significant data leaks and possibly compromise the services in use.”

Microsoft was informed of the lapse on Feb. 6 and secured the exposed files by March 5. However, it’s unclear how long the server was vulnerable, or if others accessed the data.

Why It Matters: This incident adds to the ever-growing list of security challenges for Microsoft. Recall last year’s discovery of employees exposing corporate network logins on GitHub.

The Redmond, Washington-based company also faces scrutiny over a breach where China-backed hackers gained access to senior U.S. government officials’ Microsoft-hosted inboxes.

An independent board criticized Microsoft’s security failures in handling the breach.

In March, Microsoft disclosed ongoing efforts to counter a cyberattack by Russian state-backed hackers, which resulted in the theft of source code and internal emails. These incidents underscore the need for Microsoft to enhance its security measures to rebuild customer trust.

Image credits: Budrul Chukrut via Shutterstock.

Market News and Data brought to you by Benzinga APIs

-

-

-

-

-

-

-

-

-

-

-

-

-

-

Zinger Key Points