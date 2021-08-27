Microsoft Issues A Data Vulnerability Alert To Thousands Of Cloud Customers.

Microsoft has issued a warning to thousands of its cloud computing customers about a recently discovered hole that exposed their data for an extended period of time.

The flaw affects keys required to access Microsoft Azure’s flagship database service Cosmos DB, and it was identified by cybersecurity firm Wiz two weeks ago.

“Imagine our surprise when we discovered that we had complete unlimited access to the accounts and databases of several thousand Microsoft Azure customers, including numerous Fortune 500 companies,” Wiz wrote on its blog on Thursday.

Cosmos DB is used by companies like Coca-Cola and ExxonMobil to “handle enormous volumes of data around the world in real time,” according to Wiz.

The cloud service is utilized to store information as well as analyze and process anything from supplier orders to customer transactions.

Customers who may have been affected were contacted, according to Microsoft, but there was no evidence that the weakness had been used by bad actors.

A Microsoft spokeswoman told AFP, “We corrected this issue promptly to keep our users safe and protected.”

According to Wiz, Microsoft informed more over 30% of Cosmos DB clients that they needed to alter their access keys.

Others, though, may be at risk, according to the cybersecurity firm.

“During our brief (roughly weeklong) investigation period, Microsoft only emailed consumers who were affected,” Wiz explained. “However, for at least several months, if not years, the vulnerability has been exploitable.”

Behind Amazon, Microsoft is one of the world’s largest cloud service providers. With the rise of working from home and reliance on internet services for leisure and shopping, demand has risen during the Covid-19 pandemic.

The IT giant from the United States has recently been hit by a slew of security issues.

Microsoft revealed earlier this year that a Chinese state-sponsored hacker organization was exploiting security holes in its Exchange email services, a potentially disastrous hack that compromised at least 30,000 Microsoft email servers in government and private networks.

The company was then targeted by the same suspected Russian organization that was responsible for the SolarWinds software hack in 2020.

Microsoft executives met with US President Joe Biden this week to explore strategies to combat ransomware attacks and protect cloud computing systems from hackers.