
Thousands of exposed GitHub repos, now private, can still be accessed through Copilot | TechCrunch

Feb 26, 2025 - techcrunch.com
Security researchers from Lasso, an Israeli cybersecurity company, have discovered that data briefly exposed on the internet can persist in online generative AI tools like Microsoft Copilot. This issue affects thousands of GitHub repositories, including those from major companies such as Microsoft, Amazon Web Services, Google, IBM, PayPal, and Tencent. Lasso found that even after repositories were set to private or deleted, their data remained accessible through Copilot due to caching by Microsoft's Bing search engine. This exposure could potentially reveal confidential information, intellectual property, and sensitive corporate data.

Lasso informed Microsoft of these findings in November 2024, but Microsoft classified the issue as "low severity" and considered the caching behavior "acceptable." Although Microsoft stopped including links to Bing's cache in search results starting December 2024, Lasso noted that Copilot still had access to the data, suggesting only a temporary fix. Lasso has reached out to affected companies, advising them to rotate or revoke compromised keys, but none of the companies or Microsoft responded to inquiries from TechCrunch.

Key takeaways:

  • Data briefly exposed on the internet can persist in generative AI tools like Microsoft Copilot, even after being made private.
  • Lasso, an Israeli cybersecurity company, found that over 20,000 since-private GitHub repositories still had data accessible through Copilot, affecting more than 16,000 organizations.
  • Copilot could potentially return confidential data from affected companies, including intellectual property and sensitive corporate information.
  • Microsoft classified the issue as "low severity" and disabled Bing's caching feature, but Copilot still had access to the data, indicating a temporary fix.