In response to a detailed report from news site Motherboard, Microsoft says it’s contacting thousands of Azure customers whose account information could be accessible due to configuration errors in their cloud-based storage services. Some of these customers may have even been targeted by hackers seeking this information, Motherboard reports. In response, Microsoft says it’s now taking steps to ensure this doesn’t happen again, while also reaching out to impacted customers and providing refunds or credits where appropriate.
Microsoft has warned thousands of its Azure customers that their accounts may have been compromised by intruders. The company says that the intruders may have gained access to customer information, such as names, email addresses, and account details. In a statement, Microsoft said We recently identified a limited breach involving fewer than ten organizations in the US. They also went on to say In response we found one compromise where an intruder had obtained elevated privileges and accessed content on a small number of other organizations’ clouds hosted on Azure. We determined this activity was not widespread but enough for us to notify our customers so they could take appropriate steps.
Details on how this could happen
As businesses increasingly move to the cloud, they’re also becoming more vulnerable to attacks. In a recent blog post, Microsoft warned thousands of Azure customers that their account information may have been exposed. The company detected intrusions on September 22nd and September 26th and believe some customer data could have been compromised. Intrusions are defined as unauthorized access to systems or networks, so it’s possible that customer names, email addresses, passwords and other sensitive information was accessed. But since Microsoft doesn’t know for sure what has been taken, users should change their passwords and monitor any accounts closely for suspicious activity. It’s important to keep security top-of-mind when moving operations online. If you want to keep your business safe from intrusion in the cloud, make sure you follow these steps:
Justify your changes with paragraph two or three . Include the new introduction sentence at the beginning of this continuation.
Potential impact on companies affected
The potential impact on companies affected by this news is significant. For one, it could mean that sensitive data has been exposed to unauthorized individuals. Additionally, it could lead to a loss of customer trust and confidence in the security of Azure. Finally, it could also result in financial damages as a result of increased security costs or litigation. As such, any company impacted by this announcement should take steps to address the problem.
There are three ways for any company using Azure storage services with unmanaged disks to remediate their storage for potential data exposure:
- Delete all contents from disks;
- Re-upload encrypted content;
- Upload new unencrypted content. Any individual or organization using these services should carefully consider their options before proceeding and consult with their IT teams if they have any questions.
How to prevent these intrusions
As more and more businesses move to the cloud, it’s important to be aware of the potential security risks. In this blog post, we’ll explore what cloud intrusions are and how you can prevent them. For starters, intrusions are when unauthorized people access your account without your permission. If someone gains access to your account through a phishing email or some other means, they may be able to see personal information such as your messages or documents stored on Office 365 or OneDrive for Business. They might also be able to reset your password and gain full control over your account.
In order to protect yourself from these intrusions, it’s essential that you use multi-factor authentication (MFA). MFA is an additional layer of protection beyond just using a password that asks for something like a code sent via text message or an app on your phone before giving access to the service. Microsoft recommends using two-step verification which uses both passwords and either codes sent via text message or an app on your phone.