Microsoft employee leaked sensitive internal login credentials on GitHub

Microsoft employees have leaked sensitive login credentials for the company’s online infrastructure. According to Vice, the vulnerability was first reported by cybersecurity research firm spiderSilk and subsequently confirmed by Microsoft. The exposed data came from employees on GitHub, the article said.

Mossab Hussein, a chief security officer at SpiderSilk, the cybersecurity firm that discovered the issue, said the number of incidents caused by source code and credential leaks is becoming more and more difficult to identify in advance.

“We continue to observe that accidental source code and credential disclosures are part of a company’s attack surface and are increasingly difficult to identify in a timely and accurate manner,” he said. “This is a very challenging problem for most companies today. ”

Azure is a Microsoft cloud computing service, similar to Amazon’s AWS service. The leaked credentials are related to Microsoft’s official tenant ID. A tenant ID is a unique identifier linked to a specific set of Azure users.

When asked multiple times, Microsoft declined to elaborate on which systems the credentials were protecting, according to Vice. The leak did not access any sensitive data, and the company has put in place more security measures to prevent credential sharing.

If you like our news and you want to be the first to get notifications of the latest news, then follow us on Twitter and Facebook page and join our Telegram channel. Also, you can follow us on Google News for regular updates.

Leave a Comment