The Microsoft AI research division accidentally leaked dozens of terabytes of sensitive data starting in July 2020 while contributing open-source AI learning models to a public GitHub repository.
  • Knusper@feddit.de
    12·
    1 year ago

    Gotta love these kind of news. There’s always these hypothetical discussions of clouds being insecure and companies generally just ignore that, because clouds are theoretically, sometimes cheaper.

    And then every now and then, half the internet leaks out of one of these clouds and everyone’s like, holy crap, and then companies go back to generally just ignoring that, because clouds are theoretically, sometimes cheaper.

    • TheCee@programming.devEnglish
      5·
      1 year ago

      Unfortunately nobody in charge has seen consequences for their decision to save a few theoretical nickels, so far. But then again, a lot of software/IT related stuff would look completely different, if anybody did.

      • Knusper@feddit.de
        2·
        1 year ago

        Yeah, with the GDPR, you could theoretically get sued for using inappropriate technologies, but unless a proper expert committee officially declares Azure et al unsalvagable, you can always say, you thought you were using safe technologies.

    • XTornado@lemmy.ml
      11·
      1 year ago

      Given the average company I believe the cloud being more secure, of course they can shoot themselves d in the foot in the cloud as well but that wouldn’t be the cloud being insecure. The cheaper part… not sure if I would agree, it is more simple and easier to manage than your own physical hardware and all that entails, unless you require very little, that’s for sure.

  • Nighed@sffa.communityEnglish
    71·
    1 year ago

    The exposed data included backups of personal information belonging to Microsoft employees, including passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages originating from 359 Microsoft employees.

    In an advisory on Monday by the Microsoft Security Response Center (MSRC) team, Microsoft said that no customer data was exposed, and no other internal services faced jeopardy due to this incident.