Another cloud incident: Stolen Microsoft key may have opened up a lot more than US government email inboxes

Mayby Storj marketing can make something from it:

A stolen Microsoft security key may have allowed Beijing-backed spies to break into a lot more than just Outlook and Exchange Online email accounts.

Incredibly as it sounds, and it really does deserve wider coverage, someone somehow obtained one of Microsoft’s internal private cryptographic keys used to digitally sign access tokens for its online services. With that key, the snoops were able to craft tokens to grant them access to Microsoft customers’ email systems and, crucially, sign those access tokens as the Windows giant to make it look as though they were legitimately issued.

“Our researchers concluded that the compromised MSA key could have allowed the threat actor to forge access tokens for multiple types of Azure Active Directory applications,” Tamari explained on Friday.

This includes Microsoft applications using OpenID v2.0 access tokens for account authentication, such as Outlook, SharePoint, OneDrive, and Teams, we’re told.

Also, according to Wiz, it spans customers’ own applications that support the “login with Microsoft” functionality, plus multi-tenant applications configured to use the “common” v2.0 keys endpoint instead of the “organizations” one. Applications using OpenID v1.0 remain safe.

Politicians in the US are getting concerned and demanding action:

Maybe they should switch to Storj DCS? :grinning:


Azure AD (now renamed to Entra) is far more than Cloud Storage so not a hope in hell.


However, they can migrate their storage maybe in 0 costs if they contact us.


There’s no way Storj has enough capacity to absorb all of Azure’s data…… is there?

If Microsoft reports that just SharePoint alone grows by 100 petabytes monthly, no, not really.

hate to say, buy mayby the way is to partner with Microsoft? So they can offer storj as a comming back from this blamage … idk like “Guys, guys, we messed up! if You want to have files super save from now on! here, we partnered with Storj Labs, and we make it available for our clients!”

One of the reasons for that is most Office plans include 1TB of Onedrive space - and 1TB for Sharepoint.
Now, I loathe Onedrive as a solution. Particularly when people try to use the sync with Sharepoint to give themselves mapped folders. We have no end of tickets for the sync breaking. The web page login works far better but most people don’t want to use it.

I’d rather stick with Nextcloud…

Very simple no. But if only a few of those customers who are using it for storage only would move their data to Storj DCS, that would be already a great achievement.

1 Like

If the all Azure customers would start to migrate data, I believe SNO will notice that and extend their capacity accordingly. We saw that many times.
If there is a demand, the supply would be there too.


Yes that will happen. My comment was about the current available capacity. And that would certainly be not sufficient.

We are back to the bad old days of the browser wars.
Microsoft has integrated Edge tightly into M365 such that it caches your M365 credentials, particularly on an Azure AD joined machine.
If you want to or have to use Sharepoint then Edge is really the only option for the web interface to it.

1 Like

They always want to do so, as long as I remember.

1 Like

Yep. Embrace, extend, extinguish has been their motto for as long as I can remember.

1 Like