This podcast episode discusses threat intelligence vendor SOCRadar's disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed.
This Risk & Repeat podcast episode discusses the Microsoft data leak that was discovered and publicized by threat intelligence vendor SOCRadar.
According to SOCRadar, the leak contained the data from "65,000+ entities in 111 countries" and was exposed via a misconfigured Azure Blob Storage instance. SOCRadar dubbed it -- and a series of other data leaks allegedly totaling 150,000 companies in 123 different countries -- as BlueBleed.
While Microsoft did confirm a leak had occurred, it disagreed with SOCRadar's reporting and said the 65,000 figure was "greatly exaggerated." Additionally, the tech giant criticized SOCRadar's BlueBleed tool that enables users to search for domain names that the threat intelligence vendor tracked as being part of the Microsoft data leak.
"We are disappointed that SOCRadar has chosen to release publicly a 'search tool' that is not in the best interest of ensuring customer privacy or security and potentially exposing them to unnecessary risk," Microsoft's security advisory read. "We recommend that any security company that wants to provide a similar tool follow basic measures to enable data protection and privacy."
SOCRadar later responded to these critiques in a follow-up to its original blog post, as well as in comments to TechTarget Editorial. SOCRadar's handling of the leak has led to debate about when a leak is considered a data breach. Have I Been Pwned founder Troy Hunt called BlueBleed a "data breach" on Twitter, for example.
Got asked a few times yesterday about the Microsoft breach that's being marketed (I think that's a fair term) as "BlueBleed". Finally got to go through it in real time during yesterday's live stream, deep link to where I discuss it here: https://t.co/uOE1FBJDw2— Troy Hunt (@troyhunt) October 21, 2022
TechTarget editors Rob Wright and Alex Culafi discuss BlueBleed, the contentious exchanges between Microsoft and SOCRadar and data breaches as a whole on this podcast episode.
Subscribe to Risk & Repeat on Apple Podcasts.
Alexander Culafi is a writer, journalist and podcaster based in Boston.