Microsoft Employees Posted Crucial Credentials on GitHub


Louise Jean

August 17, 2022 at 11:15 a.m.


Microsoft VivaTech logo © Alexandre Boero for Clubic


Confidential credentials for Microsoft’s infrastructure were found on GitHub. This information could have been exploited to break into Microsoft’s confidential systems.

However, Microsoft said it found no evidence of intrusion. The credentials were reportedly not used for malicious purposes.

Leak of confidential credentials at Microsoft

Microsoft employees are said to be behind the leak. The credentials published on GitHub allowed access to Azure online storage server accounts. Each credential corresponded to an Azure account and was associated with a Microsoft account via a Tenant ID (Microsoft tenant identifier).

Some of these credentials were still active and usable when the leak was discovered. Even though they only allow access to an Azure account, it would not be very complicated to obtain access from there to other points of interest on Microsoft’s internal servers.

The leak was discovered by cybersecurity firm spiderSilk. Its director, Mossab Hussein, said that such leaks are increasingly frequent and affect most companies today.

A recurrent issue

In response to the leak, Microsoft said it had launched an investigation and taken steps to secure the compromised accounts. The company also said that these credentials were disclosed “inadvertently”. However, they were reportedly not used and no sensitive data was extracted.

Nevertheless, last March, hackers gained access to the Azure DevOps account, a Microsoft source code repository. As a result of this attack, a large amount of the source code for Bing and Cortana was made public. Microsoft declined to explain which account types were affected this time around.

Source: Vice


