Security researchers warn that data exposed to the internet for a long time will be present in online-generated AI chatbots like Microsoft Copilot, long after data became private.
According to a new study from Israeli cybersecurity company Lasso, former Github repositories of some of the world’s largest companies have been affected, including those from Microsoft.
Lasso co-founder Ophir Dror told TechCrunch that he found content from his own Github repository that appears in Copilot as it was indexed and cached by Microsoft’s Bing Search Engine. Dror said the repository had been incorrectly published for a short time, but has since been set to private and when accessed on GitHub it returned an “unfinished” error.
“Amazingly, at Copilot, we found one of our own private repositories,” Dror says. “If I browse the web, this data won’t be displayed. But anyone in the world can ask the correct question to Copilot and get this data.”
We investigated further after realising that GitHub data could potentially be published even in a short time by tools such as Copilot.
Lasso extracted a list of repositories that were published at any point in 2024, and then identified those repositories that were subsequently set to be deleted or private. Using Bing’s caching mechanism, the company has discovered over 20,000 Github repositories are still accessible through Copilot, affecting over 16,000 organizations.
Affected organizations include Amazon Web Services, Google, IBM, PayPal, Tencent, and Microsoft itself. Some affected companies could be encouraged to return copilots with sensitive Github archives that include intellectual property, sensitive company data, access keys and tokens, the company said.
Lasso is a tool that allows you to create “offensive and harmful” AI images using Microsoft’s Cloud AI service, using Copilot to retrieve GitHub Repo content since Microsoft deleted it pointed out that they hosted the
Droar said Lasso reached out to all affected businesses “severely affected” by data exposure and advised them to rotate or revoke the compromised key.
None of the affected companies named by Lasso responded to TechCrunch questions. Microsoft also did not respond to TechCrunch investigations.
Lasso has notified Microsoft of its November 2024 survey results. Microsoft told Lasso that the caching behavior was “acceptable” and classified the issue as “low severity.”
However, Lasso’s caching feature was disabled, but Copilot can access the data, indicating a temporary fix, even if it is not visible in traditional web searches.
Source link
