Detect confidential data leaking from Azure Blob Storage with CybelAngel

Talking about Cloud migration and the impact on data protection is among the favorite truisms of digital risk protection vendors. Count us guilty as charged. It doesn’t mean the pain isn’t real for Info-Sec teams. Confidential documents have actually started leaking from so many different Cloud ecosystems at once, it’s hard to keep up.   

Azure Blob Storage: the latest bucket Cloud provider to hit the data breach headlines

On paper, Cloud buckets are the easiest things to set up and secure. Let’s face it though: the news is filled with exposed data made publicly available on misconfigured instances. After Amazon Web Services S3 and Google Cloud Storage, Azure Blob Storage data breaches have started to raise a lot of concerns.   Also read: Proactively secure misconfigured Google Cloud Storage buckets with CybelAngel Fueled by ongoing demand for Teams, Windows Virtual Desktop, and other Microsoft services as lockdowns tightened, Microsoft’s Azure growth rate accelerated in Q4 2020, up by 50% to boost its market share in the global cloud services market to 20% (source: Canalys). Microsoft has focused on driving Azure consumption across all customer segments through annuity sales programs and customer success investments, as well as targeted incentives for its global partner channel.  Even for clients working with Azure Information Protection, the risk to see confidential data publicly accessible is real. Because the problem originates from outside of organizations’ corporate ecosystems. In every news story about Azure breaches described below, a provider left storage instances publicly accessible.  

  • An offshore private bank leaks investment portfolio information 

In December 2020, an offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data, and even online banking PINs. Read “Cayman Islands Bank Records Exposed in Open Azure Blob” on ThreatPost  

  • A B2B app developer exposes secrets from enterprises and their clients

In Dec. 2020, a business app developer’s unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents freely exposed to the public internet. Information included occupational health assessments, insurance claim documents from US firms underwritten by Lloyds of London, and senior barristers’ private opinions about junior colleagues applying for promotion. Read “Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm’s CRM customers” on The Register  

  • A sports association renders public IDs of hundreds of journalists

Feb. 2021, a publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. These sensitive documents were hosted on a Microsoft Azure blob storage share that was publicly accessible to anyone. Leak origin was identified as the European Volleyball Association. Read “Exposed Azure bucket leaked passports, IDs of volleyball reporters” on BleepingComputer   Securing confidential data across the entire supply chain has become an issue. That’s why CybelAngel has come up with an easy-to-implement, actionable solution.  

Introducing unmatched Azure Blob Storage scanning and monitoring

Our team is happy to announce we are extending our Data Breach Prevention solution to Azure Blob Storage. CybelAngel is now the only Digital Risk Protection Solution providing data leakage protection across the top 3 bucket Cloud Storage providers: AWS, Google Cloud Platform, and Microsoft Azure.

  • Unmatched detection capabilities. We scan active, publicly-accessible Azure Blob Storage at the file-path level for critical documents. 
  • Analyst-powered matching with custom rules. We create custom matching rules with your teams, to alert you on what matters, quickly.
  • Unique Machine Learning filtering and pre-contextualization. We leverage the biggest dataset on the market to apply Machine Learning algorithms that automatically discard 99.5% of the alerts as true negative or non-critical true positives.
  • Data Leaker Identification. Our cyber-analysts investigate true positives to identify the origin of the event, before sending out your Incident reports.

  Detect critical financial information, confidential intellectual property, and sensitive PIIs exposed on Azure Blob Storage buckets before they are breached. No matter whether the incident originated in the negligence of a provider, an employee or a partner: if your data is leaking, CybelAngel will find it.   Unsure whether your critical data is leaking from misconfigured Azure Blob Storage containers?  Request your free Exposure Dashboard.