Microsoft Has Closed Azure Bug That Exposed Customer Data

Microsoft stated that no malicious actors took advantage of the substantial vulnerability to access customer data.
Conor Cawley

Microsoft Azure users dodged a bullet recently, as the tech giant announced that it has closed a bug in the platform that could've given malicious actors access to customer data.

Protecting the personal information of your customers is no easy feat in 2022. Security breaches continue to plague the business world, and frequent updates haven't been able to close the loopholes fast enough.

Fortunately, Microsoft was able to get ahead of this one, as the company stated they were able to fix the bug in Azure before any customer data was compromised.

Microsoft Azure Bug Found by Orca Security

In December, Microsoft was alerted to a bug in its Azure Automation service by Orca Security. According to the cloud security firm, the vulnerability “allowed unauthorized access to other Azure customer accounts using the service.” As for how that could've affected customer data, Orca Security says it could've been pretty bad.

“You could have very easily gotten a lot of access to a lot of customers,” said Yoav Alon, CTO at Orca Security.

Microsoft has reportedly informed all Azure customers with an account about the vulnerability. Fortunately, Microsoft was alerted to the bug before any personal information was compromised. Still, it was more than a close call for one of the world's most reputable tech companies, and the Microsoft Security Response Center was quite glad that Orca Security caught it before anything happened.

“We want to thank Yanir Tsarimi from Orca Security who reported this vulnerability and worked with the Microsoft Security Response Center (MSRC) under Coordinated Vulnerability Disclosure (CVD) to help keep Microsoft customers safe,” they said in a statement.

The Importance of Security

Even if you aren't a big company like Microsoft, cyber threats are quite common among small to medium-sized businesses. In fact, attacks on SMBs are arguably more common, according to some studies. And with cyber-attacks costing small businesses $200,000 on average, it's safe to say securing your company has never been more important.

Plus, with the Russian invasion of Ukraine, shoring up your company's security is more important than ever. In fact, some companies are taking the potential online threats stemming from the conflict quite seriously, offering their services for free to mitigate cybersecurity risks.

Still, you should always be diligent to protect your company from threats. VPNs, password managers, antivirus software, and remote access platforms are all designed to keep your company as safe as possible, even if you're in the crosshairs of hackers.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Senior Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at conor@tech.co.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals