Microsoft AI researchers accidentally expose 38TB of data to GitHub

A Microsoft employee has accidentally exposed 38 terabytes of private data while revealing a large portion of open-source AI training data on GitHub.

1 minute & 42 seconds read time

A staggering 38 terabytes of data was accidentally leaked by Microsoft AI researchers on the website called GitHub, according to a cloud security company report.

Microsoft AI researchers accidentally expose 38TB of data to GitHub 5448

The new report released by Wiz, a cloud security company, among the leaked files, were two entire backups of workstation computers that contained confidential Microsoft information such as company "secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages". The incredibly large data exposure may result in Microsoft's AI systems being vulnerable to attack or any other Microsoft-related systems. So, how did this happen?

Unfortunately, it was a simple yet critical mistake that occurred when Microsoft AI researchers were trying to publish a "bucket of open-source training material" and "AI models for image recognition" to GitHub. The files' SAS token was misspelled, resulting in the public's storage permissions switching to the entire storage account rather than the AI material that developers were attempting to publish. Unfortunately, the bad news doesn't stop there.

The permission mishap didn't just grant the public viewing access to the storage account, it also enabled "full control" of the account, meaning files could be downloaded, deleted, copied, altered, and more. Microsoft has responded.

An "attacker could have injected malicious code into all the AI models in this storage account, and every user who trusts Microsoft's GitHub repository would've been infected by it," Wiz's researchers write.

Buy at Amazon

Starfield: Standard Edition - Xbox Series X

TodayYesterday7 days ago30 days ago
* Prices last scanned on 12/5/2023 at 6:00 am CST - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science, space, and artificial intelligence news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

Related Tags