from Hacker News

Microsoft Azure Hit with the Largest Data Breach in Its History

by CKMo on 2/20/24, 1:19 AM with 4 comments

  • by SonOfLilit on 2/20/24, 1:36 AM

    Seems to be this Proofpoint blogpost about a phishing campaign:

    https://www.proofpoint.com/us/blog/cloud-security/community-...

    being blown out of proportions by a series of obscure news websites exaggerating each other's stories.

    Edit: for a real interesting Microsoft security disaster (not exploited in the wild AFAIK) check out ChaosDO by Wiz:

    https://www.wiz.io/blog/chaosdb-explained-azures-cosmos-db-v...

  • by xkgt on 2/20/24, 2:16 AM

    This is really shoddy reporting. The title says Azure data breach whereas the attack is a phishing campaign targeting Office 365. Being a phishing campaign, it is unclear which components of Azure/Microsoft were instrumental in the attack. And the article goes on to make irrelevant allusions to Microsoft's negligent cybersecurity practices. This is such bad reporting that I wonder whether it is done with incompetence or malfeasance.

  • by yazzku on 2/20/24, 1:39 AM

    Microsoft should be considered a threat to national security, particularly in the US. Their clear disregard for product quality at this point is beyond measure and requires government intervention.

    > These links led to phishing websites but the anchor text of these links was “View Document”.

    Fucking noobs.