As a result, the impact on individual companies varied greatly. Search can be done via metadata (company name, domain name, and email). Learn how Rabobank, Fannie Mae, and Ernst & Young maximized their existing Microsoft 365 subscriptions to gain integrated data loss prevention and information protection. News Corp asserted that no customer data was stolen during the breach, and that the company's everyday work wasn't hindered. It all began in August 2022, when LastPass revealed that a threat actor had stolen the app's source code. Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. Microsoft Corp. today revealed details of a server misconfiguration that may have compromised the data of some potential customers in September. "Security researchers at SOCRadar informed Microsoft on September 24, 2022, of a misconfigured Microsoft endpoint," Microsoft wrote in a detailed security response blog post. "On September 24, 2022, SOCRadar's built-in Cloud Security Module detected a misconfigured Azure Blob Storage maintained by Microsoft containing sensitive data from a high-profile cloud provider," SOCRadar said. "Our team was already investigating the. We have directly notified the affected customers." Welcome to Cyber Security Today. 3 Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected, Cezary Podkul, ProPublica. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia's security news reporter. The biggest cyber attacks of 2022. This misconfiguration resulted in unauthenticated access to some business transaction data, it says.
In a speech given at Carnegie Mellon University, Cybersecurity and Infrastructure Security Agency Director Jen Easterly pointed to Apple as a company that took security and accountability seriously, and suggested other companies should take note. The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability, Microsoft explained. It isn't known whether the information was accessed by cybercriminals before the issues were addressed. Azure and Breach Notification under the GDPR further details how Microsoft investigates, manages, and responds to security incidents within Azure. The intrusion was only detected in September 2021 and included the exposure and potential theft of . News Corp. News Corp., the publisher of the Wall Street Journal and a range of global media outlets, said in a securities filing that it was hit by a cyberattack in January 2022 and that some data . On March 20, 2022, the hacker group Lapsus$ posted a screenshot to their Telegram channel indicating that they had breached Microsoft. Microsoft released guidance on how to fully merge the Microsoft and Skype account data, giving users a solution. Microsoft has confirmed one of its own misconfigured cloud systems led to customer information being exposed to the internet, though it disputes the extent of the leak. This information could be valuable to potential attackers who may be looking for vulnerabilities within one of these organizations' networks. "Our investigation found no indication customer accounts or systems were compromised."
Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding. Not really. Numerous government agencies, including the Department of Defense, Department of Homeland Security, Department of Justice, and Federal Aviation Administration, among others, were impacted by the attack. In recent years under the leadership of CEO Satya Nadella, Microsoft made data security and privacy practices central pillars of its operations, so it is refreshing to see the company take swift action to correct the security flaw. Attackers gained access to the SolarWinds system, giving them the ability to use software build features. BlueBleed discovered 2.4TB of data, including 335,000 emails, 133,000 projects, and 584,000 exposed users, according to a report on Bleeping Computer. In 2021, the number of data breaches climbed 68 percent to 1,862 (the highest in 17 years) with an average cost of USD4.24 million each.1 About 45 million people were impacted by healthcare data breaches alone, triple the number impacted just three years earlier.2 If there's a cyberattack, hack, or data breach you should know about, then we're on it. The vulnerability allowed attackers to gain the same access privileges as an authorized user with administrative rights, giving the hackers the ability to take complete control of an impacted system. In March 2022, the group posted a torrent file online containing partial source code from . The company revealed that it was informed of the isolated incident by researchers at SOCRadar, though both companies remain in disagreement over how many users were impacted and best practices that cybersecurity researchers should take when they encounter a breach or leak in the future. On March 20, 2022, the infamous hacker group Lapsus$ announced that they had successfully breached Microsoft.
5 The future of compliance and data governance is here: Introducing Microsoft Purview, Alym Rayani. The details, which included names, gamer tags, birthdays, and emails, were accidentally published online and not accessed via a hack. $1.12M: average savings of containing a data breach in 200 days or less. Key cost factors: ransomware attacks grew and destructive attacks got costlier. Written by RTTNews.com for RTTNews. For the 2022 report, Allianz gathered insights from 2,650 risk management experts from 89 countries and territories. Anna Tutt, CMO of Oort, shares her experiences and perspectives on how we can accelerate growth of women in cybersecurity. The cloud is nothing more than a tool, not the be all end all digital savior that it's marketed as and that many believe it to be. Along with some personally identifiable information, including some customer email addresses, geographical data, and IP addresses, support conversations and records were also exposed in the incident. In a revelation this week, Microsoft's Security Response Center (MSRC) said it was notified by threat intelligence firm SOCRadar on September 24 . The hackers then pushed out malicious updates to approximately 18,000 SolarWinds customers utilizing a supply chain attack approach, giving them access to the customers' systems, networks, and data. Since sensitive data is everywhere, we recommend looking for a multicloud, multi-platform solution that enables you to leverage automation. Sensitive data can live in unexpected places within your organization. "We are highly disappointed about MSRC's comments and accusations after all the cooperation and support provided by us that absolutely prevented the global cyber disaster." (Torsten George), The conventional tools we rely on to defend corporate networks are creating gaps in network visibility and in our capabilities to secure them. He was imprisoned from April 2014 until July 2015. Duncan Riley.
The most recent Microsoft breach occurred in October 2022, when data on over 548,000 users was found on a misconfigured server. As mentioned earlier, data discovery requires locating all the places where your sensitive data is stored. Never seen this site before. Microsoft also fired back at SOCRadar for exaggerating the scope of the issue, so it's unclear if that company's report that 65,000 entities were affected holds true. In October 2017, word broke that an internal database Microsoft used to track bugs within Microsoft products and software was compromised back in 2013. According to Microsoft, the exposed information includes names, email addresses, email content, company name, and phone numbers, as well as files linked to business between affected customers and Microsoft or an authorized Microsoft partner. Microsoft also disputed some key details of SOCRadar's findings: "After reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue." You can think of it like a B2B version of haveIbeenpwned. Once its system was impacted, additional hacking activity occurred through its systems, allowing the attackers to reach Microsoft customers as a result. (RTTNews) - Personal data of 38 million users were accidentally leaked due to a fault in Microsoft's (MSFT) Power Apps . Once the data is located, you must assign a value to it as a starting point for governance. Some solution providers divorce productivity and compliance and try to merely bolt on data protection. Data leakage protection is a fast-emerging need in the industry. While the bulk was for a Russian email service, approximately 33 million, about 12 percent of the total stash, were for Microsoft Hotmail accounts.
Mainly, this is because the resulting hacks weren't all administered by a single group for one purpose. Though Microsoft would not reveal how many people were impacted, SOCRadar researchers claimed that 65,000 entities across 111 countries may have had their data compromised, which includes names, phone numbers, email addresses and content, company name, and attached files containing proprietary company information like proof of concept documents, sales data, product orders, and more. According to one source, the hacker gained access to the Slack account of an HR employee, as well as data such as email addresses, phone numbers, and salaries of Activision employees. They are accountable for protecting information and sharing data via processes and workflows that enable protection, while also not hindering workplace productivity. SOCRadar executives stated that the company does not keep any of the data it comes across and has since deleted any data that its tool may have accessed. Microsoft has confirmed that it inadvertently exposed information related to prospective customers, but claims that the company which reported the incident has exaggerated the numbers. The snapshot was of Azure DevOps, which is collaboration software launched by Microsoft - it shared that Cortana, Bing, and other projects were compromised in the breach. In December 2020, vulnerabilities associated with SolarWinds, an infrastructure monitoring and management software solution, were exploited by Russian hackers. (Marc Solomon), History has shown that when it comes to ransomware, organizations cannot let their guards down.
In one of the broadest security incidents involving Microsoft, four zero-day vulnerabilities led to widespread hacking attempts targeting Microsoft Exchange Servers. When an unharmed machine attempted to apply a Microsoft update, the request was intercepted before reaching the Microsoft update server. This blog describes how the rule is an opportunity for the IT security team to provide value to the company. 4 Work Trend Index 2022, Microsoft. After classifying data as confidential or highly confidential, you must protect it against exposure to nefarious actors. Additionally, Microsoft took issue with the way that SOCRadar researchers handled their discovery of the breach by using a search tool to try to connect the data. The proposed Securities and Exchange Commission rule creates new reporting obligations for United States publicly traded companies to disclose cybersecurity incidents, risk management, policies, and governance. Hey Sergiu, do you have a CVE for this so I can read further on the exposure? To abide by the data minimization principle, once the data is no longer serving its purpose, it must be deleted. The IT giant confirmed this by stating that the hacker obtained "limited access" from one account, which Lapsus$ compromised. New York CNN Business. Data leakage protection tools can protect sensitive documents, which is important because laws and regulations make companies accountable. November 16, 2022. A couple of well-known brands, for instance, were fined hundreds of millions of euros in 2021. SOCRadar has also made available a free tool that companies can use to find out if their data was exposed in one of the BlueBleed buckets. The hacker gained access to the personal data through an employee's email that contained sensitive information including patient names, medical information, and test results. "Due to persistent pressure from Microsoft, we even have to take down our query page today," he added.
Mar 23, 2022, Ravie Lakshmanan. Microsoft on Tuesday confirmed that the LAPSUS$ extortion-focused hacking crew had gained "limited access" to its systems, as authentication services provider Okta revealed that nearly 2.5% of its customers have been potentially impacted in the wake of the breach. "Threat actors who may have accessed the bucket may use this information in different forms for extortion, blackmailing, creating social engineering tactics with the help of exposed information, or simply selling the information to the highest bidder on the dark web and Telegram channels," SOCRadar warned. Creating the rogue certificate involved exploiting the algorithm Microsoft used to set up remote desktops on systems, allowing code to be crafted that appeared to come from Microsoft. Additionally, the configuration issue involved was corrected within two hours of its discovery. Among the company's products is an IT performance monitoring system called Orion. on August 12, 2022, 11:53 AM PDT. With information from the database, attackers could create tools to break into systems by exploring the vulnerabilities, potentially allowing them to target hundreds of millions of computers. Microsoft Breach - March 2022. Bako Diagnostics' services cover more than 250 million individuals. Microsoft added today that it believes SOCRadar "greatly exaggerated the scope of this issue" and "the numbers." The data protection authorities have issued a total of $1.25 billion in fines over breaches of the GDPR since January 28, 2021.5 January 25, 2022. Once within the system, attackers could also view, alter, or remove data, create new user accounts, and more.
In March, the hacker group Lapsus$ struck again, claiming to have breached Microsoft and shared screenshots taken within Azure DevOps, Microsoft's collaboration software. In a lengthy blog post, Microsoft's security team described Lapsus$ as a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements. They go on to describe the group's tactics in great detail, indicating that Microsoft had been studying Lapsus$ carefully before the incident occurred. Microsoft servers have been subject to a breach that might have affected over 65,000 entities across 111 countries, according to the security research firm, SOCRadar. This presentation will provide an overview of the security risks associated with SaaS, best practices for mitigating these risks and protecting data, and discuss the importance of regularly reviewing and updating SaaS security practices to ensure ongoing protection of data. The tech giant said it quickly addressed the issue and notified impacted customers. A database containing 250 million Microsoft customer records has been found unsecured and online. A new report reveals that 250 million Microsoft customer records,. Though the number of breaches reported in the first half of 2022 . A cybercriminal gang, Lapsus$, managed to breach some of the largest tech companies in the world - including Samsung, Ubisoft, and most recently, Microsoft Bing. The yearly average data breach cost increased the most between the years 2020 and 2021 - a spike likely influenced by the COVID-19 pandemic. This will make it easier to manage sensitive data in ways to protect it from theft or loss. The full scope of the attack was vast. No data was downloaded. One day companies are going to figure out just how bad a decision it was to move everything to and become dependent on a cloud.
SOCRadar said the exposed data belonged to Microsoft and it totaled 2.4 Tb of files collected between 2017 and August 2022. A hacking group known as the Xbox Underground repeatedly hacked Microsoft systems between 2011 and 2013. Microsoft followed suit and named a Chinese state-sponsored hacker group, Hafnium, as the culprit behind the attack. Aside from the researchers, it isn't clear whether the data was accessed by third parties, including potential attackers. Average Total Data Breach Cost Increase By 2.6%. Also, consider standing access (identity governance) versus protecting files. Greetings! The popular password manager LastPass faced a major attack last year that compromised sensitive data of its users, including passwords. Data governance ensures that your data is discoverable, accurate, trusted, and can be protected. That allowed them to install a keylogger onto the computer of a senior engineer at the company. 3:18 PM PST February 27, 2023. On March 20th, 2022, the Lapsus$ group shared a snapshot to its Telegram channel showing that they have breached Microsoft. Considering the potentially costly consequences, how do you protect sensitive data? Also, organizations can have thousands of sensitive documents, making manual identification and classification of data untenable because the process would be too slow and inaccurate. Update October 19, 14:44 EDT: Added more info on SOCRadar's BlueBleed portal. Microsoft confirmed on Wednesday that a misconfigured endpoint exposed data, which the company said was related to business transaction data corresponding to interactions between Microsoft and prospective customers.
The security firm noted that while Microsoft might have taken swift action on fixing the misconfigured server, its research was able to connect the 65,000 entities uncovered to file data composed between 2017 and 2022, according to Bleeping Computer. Hacker group LAPSUS$ - branded DEV-0537 in Microsoft's blog post . Many security experts remain alarmed about the large, Chinese-linked hack of Microsoft's Exchange email service a week after the attack was first reported. Microsoft said the scale of the data breach has been 'greatly exaggerated', while SOCRadar claims around 65,000 companies were impacted. On February 21, Activision acknowledged that they suffered a data breach in December 2022, after a hacker tricked an employee via an SMS phishing attack. Redmond added that the leak was caused by the "unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem" and not due to a security vulnerability. Threat intelligence firm SOCRadar reported that a Microsoft customer data breach affected hundreds of thousands of users from thousands of entities worldwide. Overall, Flame was highly targeted, limiting its spread. "More importantly, we are disappointed that SOCRadar has chosen to release publicly a 'search tool' that is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk," Microsoft added in its response.