this post was submitted on 18 Sep 2023
616 points (99.0% liked)

Technology

59578 readers
2825 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] AlmightySnoo@lemmy.world 125 points 1 year ago (4 children)

It seems this isn't about customer data:

The exposed data included full backups of two employees' computers. These backups contained sensitive personal data, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from more than 350 Microsoft employees.

[–] ChapolinColoradoNZ@lemmy.world 38 points 1 year ago

Some of that data could be from (or for) customer use, like the service passwords.

[–] Aurenkin@sh.itjust.works 31 points 1 year ago (1 children)

Who TF is keeping secret keys on their dev machine, that shit is toxic. Not to mention passwords

[–] xthexder@l.sw0.com 58 points 1 year ago

They probably mean like private ssh keys and developer credentials, not production keys. Microsoft does not give signing keys to developers, code releases have to get signed through the build servers.

[–] ciko22i3@sopuli.xyz 27 points 1 year ago* (last edited 1 year ago)

What's the other 37.9TB?

[–] crypticthree@lemmy.world 18 points 1 year ago (2 children)

The lax security is still worrying when they have so much data in general

[–] henfredemars@infosec.pub 10 points 1 year ago

The cloud is just somebody else's computer. You give up some control and get some convenience. I'm paranoid about their cloud services and cloud services in general.

[–] GigglyBobble@kbin.social 2 points 1 year ago

On a local pc no less. They don't use password repos at Microsoft?