
Microsoft Locks Down Server Exposing Employee Credentials, Highlighting Ongoing Security Challenges

In a recent cybersecurity lapse, Microsoft reportedly secured a server last month that had exposed sensitive information, including passwords, keys, and credentials of its employees, to the open internet. This incident adds to the growing concerns over the tech giant's software security practices.

TechCrunch reported that the vulnerability was discovered by three security researchers at SOCRadar, a firm specializing in detecting corporate cybersecurity weaknesses. They found that an Azure-hosted server, linked to Microsoft's Bing search engine, was left open without password protection. This server contained various security credentials used by Microsoft employees to access internal systems, along with scripts, code, and configuration files.

Can Yoleri, one of the researchers, highlighted the potential risk, stating that hackers could use the exposed data to access other areas where Microsoft stores internal data, leading to more significant data leaks and possibly compromising the services in use.

Microsoft was notified about the vulnerability on February 6th and took action to lock it down by March 5th. It remains unclear if any unauthorized access occurred during this period. Microsoft has yet to comment on the situation.

This incident is part of a series of cybersecurity mishaps that Microsoft has faced in recent years. The company is currently overhauling its security practices following criticism. A review from the US Cyber Safety Review Board earlier this month suggested that Microsoft could have prevented a breach in its Exchange Online software in 2023, which allowed Chinese hackers to access US government email systems. The review accused Microsoft of developing a corporate culture that deprioritized enterprise security investments and rigorous risk management.

Armaan Mahbod, Director of Security and Business Intelligence at DTEX Systems, commented on the situation, stating, "This shows how another human error most likely is the cause for yet another security breach. Configurations of servers to be secure are always critical. Whether IT has not properly set the right access controls, or has opened the port to all on the internet, monitoring for open web portals in your organization - either corporate owned or third party - is critical."
