Recently, Microsoft filed a lawsuit in the Eastern District of Virginia against a group of hackers, accusing them of illegally infiltrating the Azure OpenAI platform and using the service to generate a large volume of harmful content. This incident has raised further concerns about security and risks in the field of artificial intelligence.
According to Microsoft's lawsuit, these hackers are based overseas. They successfully bypassed security measures by scraping customer credentials from public websites and gained access to the Azure OpenAI system. After obtaining customer access, the hackers not only altered the platform's functions but also resold it to other malicious users, providing detailed instructions on how to use these AI tools to generate illegal content. While Microsoft has not disclosed the specific nature of the content generated by these hackers, it stated that such content severely violated the company's policies and terms of service.
In response to this security breach, Microsoft has implemented several new security measures aimed at strengthening the defense capabilities of the Azure OpenAI platform to prevent similar incidents from occurring in the future. Additionally, Microsoft has requested the court to seize websites associated with the hackers' operations to collect evidence, trace the responsible parties, and dismantle the infrastructure supporting illegal activities.
Microsoft pointed out that the actions of these hackers violate multiple U.S. laws, including the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act, and federal extortion laws. Microsoft aims to hold these criminals accountable through legal means.
