Microsoft Azure OpenAI Service
Incidents involved as Deployer
Incident 9561 Rapport
Alleged Inclusion of 12,000 Live API Keys in LLM Training Data Reportedly Poses Security Risks
2025-02-28
A dataset used to train large language models allegedly contained 12,000 live API keys and authentication credentials. Some of these were reportedly still active and allowed unauthorized access. Truffle Security found these secrets in a December 2024 Common Crawl archive, which spans 250 billion web pages. The affected credentials could have been exploited for unauthorized data access, service disruptions, financial fraud, and a variety of other malicious uses.
PlusIncidents implicated systems
Incident 9556 Rapports
Global Cybercrime Network Storm-2139 Allegedly Exploits AI to Generate Deepfake Content
2024-12-19
A global cybercrime network, Storm-2139, allegedly exploited stolen credentials and developed custom tools to bypass AI safety guardrails. They reportedly generated harmful deepfake content, including nonconsensual intimate images of celebrities, and their software is reported to have disabled content moderation, hijacked AI access, and resold illicit services. Microsoft disrupted the operation and filed a lawsuit in December 2024, later identifying key members of the network in February 2025.
PlusIncident 12863 Rapports
Purportedly AI-Assisted Citation Errors Allegedly Found in Newfoundland and Labrador's 2025 Health Workforce Report by Deloitte
2025-05-29
A Deloitte-authored Health Human Resources Plan released by Newfoundland and Labrador in May 2025 was later reported by The Independent to contain several inaccurate or apparently non-existent research citations. Researchers named in the disputed citations reportedly denied authoring the referenced papers. Deloitte stated that AI was selectively used to support some citation work and that it is revising the report.
Plus