Looks like a data breach is now happening every day with Mobikwik’s major data leak of users’ Aadhar details in the past. Now we have some new report that hints Microsoft has leaked some of the Indian company data online.
Data Breach Report:
As per the report, they have found out that misconfigured Microsoft Azure blob storage containing sensitive internal information such as business pitches, product descriptions, product codes, and hardcoded passwords, and more. Not just that the report also claims that Microsoft has presumably misconfigured the Asure server.
The files appeared to originate from a series of pitches made to Microsoft Dynamics from numerous companies vying for a project or partnership with the company. Many of the pitches included the source codes for software products – some of which were eventually released to the market.
The source also reported that the data was of two potential owners one of them is Canadian consulting firm Adoxio. Do note that Adoxio is now part of KPMG.
Yes, Microsoft has accidentally or knowingly leaked one of the Indian company KPMG. But when the source contacted about the massive data breach the Indian company KPMG replied stating that data was of Microsoft. To which the source tried to reach Microsoft multiple times and finally got a prompt reply. However, the company appears to have mistaken the data breach disclosure for disclosure of a flaw in its software. In its response, Microsoft failed to acknowledge the data breach or claim responsibility. As a result, we have no way to verify whether the file belongs to Microsoft.
The latest update to this data breach is that the leaked data in the cloud storage account was a ‘demo’ – thus indirectly confirming it belonged to the company. Do note it’s not just KPMG the leaked data breach also includes top MNC like Adobe too.
The report also highlights that Microsoft big data breach has also leaked tons of source codes which were from almost 10-15 different products from numerous companies. As this leaked data was available online one can replicate the product and sell it for a much cheaper price.
Anyway if you want more details about the data breach do check out the link here.