Potential Microsoft Azure Data Breach with Cosmos DB

There is news coming out from now is the potential Microsoft Azure data breach with Cosmos DB. The security research organization Wiz found this breach on 9th Aug and reported it to Microsoft on the 12th of Aug. The Wiz team named the vulnerability #ChaosDB.

It’s interesting to hear that Wiz’s Chief Technology Officer, Ami Luttwak, is a former chief technology officer at Microsoft’s Cloud Security Group. It seems Microsoft agreed to pay $40,000 for finding the flaw and reporting this #ChaosDB vulnerability.

ChaosDB – Vulnerability Disabled within 48 Hours

The #ChaosDB is impacting the Cosmos DB of Azure customers without the need for any credentials. It is being reported that the Microsoft team disabled the vulnerable notebook feature within 48 hours after Wiz reported it. As per Wiz, there are two parts to this vulnerability.

  • Stealing primary keys of Cosmos DB customers
  • Accessing customer data in Cosmos DB
Potential Microsoft Azure Data Breach with Cosmos DB
Potential Microsoft Azure Data Breach with Cosmos DB

Are you impacted by Azure Cosmos DB Data breach?

As per Wiz’s blog post, every Cosmos DB account that uses the notebook feature created after February 2021 is potentially exposed.

Patch My PC

How to Fix Microsoft Azure Data Breach with Cosmos DB

As per the reports, the impacted organizations can follow the steps mentioned in the Microsoft documentation. You will have to secure access to data in Azure Cosmos DB.

Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with over 17 years of experience (calculation done in 2018). He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…..…

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.