One mistake and Microsoft leaked 38TB of data, and account passwords are also included.

According to a report by Wiz, this data leak also included backups of the office systems of two former Microsoft employees, which included secret data, security keys, passwords and more than 30,000 internal Teams messages. Microsoft on Monday said it has taken steps to fix a major security breach that leaked 38 terabytes of personal data. The information about this data leak was obtained from the company's AI GitHub repository, which was accidentally made public by Microsoft's AI research team. According to a report by Wiz, this data leak also included backups of the office systems of two former Microsoft employees, which had secret data, security keys, passwords and more than 30,000 internal Teams messages.

The name of this repository was "robust-models-transfer". It can no longer be accessed, but when it was accessible, it was possible to view source code and machine learning models that were related to a 2020 research paper. The title of the research paper was, Do adversarially robust ImageNet models transfer better?

Wiz has said in a report that this data leak happened through the SAS token, which is used for data share of Microsoft's Azure. Information about this data leak was given to Microsoft only on June 22, 2023.

The repository's README.md file allowed developers to download Azure storage URLs. Due to a mistake, permission was given to the entire storage account, due to which this complete data was leaked. One mistake and Microsoft revealed 38TB of data, and account passwords are also included.