Microsoft has claimed that cybersecurity firm SOCRadar exaggerated the scale and potential danger of exposed Microsoft customer data leaked from a misconfigured Azure Blob.

Azure Blob is a type of object storage developed by Microsoft for cloud-native workloads, archives, data lakes, high-performance computing, and machine learning.

The misconfiguration resulted in the potential for unauthorised access to business transaction data relating to prospective Microsoft customers. Microsoft said that there was no indication that customer accounts had been compromised.

The company added that the issue has been resolved and those impacted have been notified.

SOCRadar claims that data relating to over 65,000 organisations was at risk after its team found the exposed Azure Blob. It said it discovered links to other Blobs which could potentially compromise the sensitive data of over 100,000 organisations.

The company called this exposure “BlueBleed” and claimed it was one of the most significant leaks recorded in recent years. It released a BlueBleed search tool for organisations to use to see if they had been affected. It has now suspended the tool following the criticism from Microsoft.

In a blog post on its website, Microsoft said: “We appreciate SOCRadar informing us about the misconfigured endpoint, but after reviewing their blog post, we first want to note that SOCRadar has greatly exaggerated the scope of this issue.”

It added: “Our in-depth investigation and analysis of the dataset shows duplicate information, with multiple references to the same emails, projects and users. We take this issue very seriously and are disappointed that SOCRadar exaggerated the numbers involved in this issue even after we highlighted their error.”

Responding the criticism, SOCRadar said: “What we aim for with the BlueBleed search engine is basically an enterprise version of Have I Been Pwned, where organisations can search if their data was exposed in some of the cloud data leaks our CSM [cloud security module] has detected so far.”

The firm added: “We are highly disappointed about MSRC’s comments and claims after all the cooperation and support provided by us that absolutely prevented the global cyber disaster.”

Share Story: