Microsoft's Latest Security Breach: What's At Stake For Company Integrity And Trust?
Microsoft Corp. (NASDAQ:MSFT) recently addressed a security lapse where internal company files and credentials were exposed to the internet.
What Happened: Security researchers from SOCRadar, including Can Yoleri, Murat Özfidan, and Egemen Koçhisarli, discovered an open Azure storage server hosting internal data related to Microsoft's Bing search engine.
The server, according to Techcrunch, contained crucial information (i.e., passwords, keys, and credentials), but lacked password protection, making it accessible to anyone online.
“The exposed data could potentially help malicious actors identify or access other places where Microsoft stores its internal files,” Yoleri said. “Identifying those storage locations could result in more significant data leaks and possibly compromise the services in use.”
Microsoft was informed of the lapse on Feb. 6 and secured the exposed files by March 5. However, it’s unclear how long the server was vulnerable, or if others accessed the data.
Why It Matters: This incident adds to the ever-growing list of security challenges for Microsoft. Recall last year’s discovery of employees exposing corporate network logins on GitHub.
The Redmond, Washington-based company also faces scrutiny over a breach where China-backed hackers gained access to senior U.S. government officials’ Microsoft-hosted inboxes.
An independent board criticized Microsoft’s security failures in handling the breach.
In March, Microsoft disclosed ongoing efforts to counter a cyberattack by Russian state-backed hackers, which resulted in the theft of source code and internal emails. These incidents underscore the need for Microsoft to enhance its security measures to rebuild customer trust.
Read Next: Microsoft Detects Russian, Chinese AI Hackers: Is It Time To Add Cybersecurity To Your Portfolio?
Image credits: Budrul Chukrut via Shutterstock.
© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Posted-In: cyber attack cyber security Cybersecurity hackers Stories That MatterNews Top Stories Tech
