29 Aug 2021
Database Exposed; Microsoft Cloud Database Users Warned
The Index Today
A massive flaw in the main database in Microsoft Corp’s Azure cloud platform was discovered on Saturday. Users have been requested to change their digital access keys immediately as their information may be exposed.
Researchers at Wiz, a cloud security company, learned they could have gained access to primary digital keys for user access in the database system, allowing them to steal, change and even delete millions of records.
After being alerted, Microsoft immediately worked on fixing the security breach and alerted its users to change their keys. Microsoft released a statement saying, “Our investigation shows no authorized access other than the researcher activity. Notifications have been sent to all customers that could be potentially affected due to researcher activity.”
The U.S Department of Homeland Security’s Cyber Security and Infrastructure Security Agency (CISA) has strongly advised customers to change their certificate keys. Wiz’s security team has also agreed, with Chief officer Ami Luttawak saying, “In my estimation, it’s really hard for them, if not impossible, to completely rule out that someone used this before.” Luttawak has worked in Microsoft and developed tools for logging cloud security incidents. Microsoft and Wiz are working together to conduct more research and ensure customer data is safe.