Researchers have discovered a huge gap in the main database stored on the Microsoft Corp Azure cloud platform. Saturday urged all users to change their digital passwords.
As mentioned, researchers in a company cloud security software called Wiz discovered this month that they could have gained access to the master digital keys for most users of the Cosmos DB database system, allowing them to steal, delete or change millions of archives.
As notified by Wiz, Microsoft quickly corrected a configuration error that would make it easier for any Cosmos user to log in to other customers' databases, and alerted some users on Thursday to change their keys.
In a post on Friday, Microsoft said it has warned customers who installed Cosmos Access during the weekteams. No evidence was found that any of the attackers had used the same flaw to get into customer data.
The US Department of Homeland Security's Cybersecurity and Infrastructure Security Service used strict language in press release on Friday, making it clear that you are not just referring to those who have already been informed.
When Microsoft was asked if the mode Jupyter Notebook was not properly configured or some other method was used to prevent abuse of access, Microsoft was reluctant to respond immediately.
Wiz said Microsoft had worked closely with it on the investigation, but declined to say whether previous customers were safe.
