Microsoft employees leaked internal credentials accidentally via GitHub

Microsoft and GitHub logos on a green and white background

Microsoft's employees have exposed sensitive login credentials to the company's infrastructure online. The leak was reported first by cybersecurity research firm, spiderSilk, and later confirmed by Microsoft, Vice reports. According to the article, the exposed data came from employees on GitHub.

Mossab Hussein, chief security officer from the cybersecurity firm SpiderSilk, which found the issue, told Vice that it is becoming more difficult to identify in time accidents from source code and credential leaks. He said:

"We continue to see that accidental source code and credential leakages are part of the attack surface of a company, and it’s becoming more and more difficult to identify in a timely and accurate manner. This is a very challenging issue for most companies these days"

Azure, being Microsoft's cloud computer service, is similar to Amazon Web Services. The leaked credentials were related to an official Microsoft tenant ID. A tenant ID is a unique identifier linked to a particular set of Azure users.

According to Vice, Microsoft refused to elaborate on what systems the credentials were protecting when asked multiple times. No sensitive data was accessed from this leak, and the company has taken more secure measures to prevent credential sharing.

Source: Vice

Report a problem with article
ebook offer
Next Article

Free offer ends today: JavaScript from Beginner to Professional ($28.99 value)

Windows error message indicated by text Something happened
Previous Article

Careful with that song! Microsoft shares crazy tale of Janet Jackson crashing Windows PCs

0 Comments - Add comment

Advertisement