Published on January 14th, 2020 📆 | 3364 Views ⚑0
Microsoft Allowed Workers In China To Grade Skype, Cortana Audio With No Security Measures
2019 was the year security and privacy lapses came in hoards. Facebook, Twitter, and Google are just some of the big names to have been associated with such lapses in 2019. Now, in the dawn of 2020, Microsoft has been added to this growing list of names. A Microsoft program to transcribe and examine audio recordings from Skype and Cortana ran for years with “no security measures”.
In a report published by The Guardian, a former contractor reveals how he had access to thousands of potentially sensitive recordings of people via his personal laptop, sitting at home. To access the recordings, the contactor simply had to log in to a web application provided by Microsoft.
When hired, the grader had to work from an office but was then eventually allowed to work from his house. Upon signing, he was sent the username and password in plaintext, along with the URL for the web application. What’s even worse is that the password given to the contractor was the same as any other employee who joined in any given year.
SEE ALSO: 2019 In Focus: The Year Big Tech Tried To Fight User Privacy Concerns But Failed Anyway
“I heard all kinds of unusual conversations, including what could have been domestic violence. It sounds a bit crazy now, after educating myself on computer security, that they gave me the URL, a username and password sent over email.”
Not only could this private information be misused by a rogue employee, but this login information could also be shared with anyone. Building on these concerns is the possibility that the Chinese state government could’ve had access to all these recordings. “Living in China, working in China, you’re already compromised with nearly everything,” the contractor said to The Guardian.
This lapse was first reported by The Vice back in August 2019. But the extent of potential security hazards wasn’t known until now.
SEE ALSO: PayPal-owned Browser Extension Honey Was Deemed ‘A Security Risk’ By Amazon
In response to this lapse, Microsoft claims it has made changes by moving its review programs to “secure facilities”, none of which are in China.
“This past summer we carefully reviewed both the process we use and the communications with customers. As a result we updated our privacy statement to be even more clear about this work, and since then we’ve significantly enhanced the process including by moving these reviews to secure facilities in a small number of countries.”