Microsoft contractors in China listened to Skype recordings with woefully bad levels of cybersecurity, report reveals

Advertisement
Microsoft contractors in China listened to Skype recordings with woefully bad levels of cybersecurity, report reveals

Satya Nadella Microsoft

AP Photo/Mark Lennihan

Microsoft CEO Satya Nadella.

  • An anonymous Microsoft contractor who worked grading audio snippets from Skype conversations and Cortana recordings revealed to the Guardian that "no security measures" were taken to protect the audio clips.
  • The contractor, who worked out of Beijing, had access to the recordings through a Chrome web app through a Microsoft account login. He said that all the contractors' accounts shared the same password.
  • Last year a series of reports provoked public outcry after big tech companies including Microsoft, Amazon, and Google were revealed to be giving customers' audio recordings to human contractors for grading.
  • Visit Business Insider's homepage for more stories.

Microsoft contractors working in China were able to listen to people's Skype conversations and Cortana recordings through a system woefully lacking in cybersecurity, the Guardian reports.

An anonymous Microsoft contractor who worked out of Beijing for years told the Guardian that he was able to listen to recordings of users with practically "no security measures." The contractor's work involved listening to short audio clips from Skype conversations and instructions given to Cortana (Microsoft's voice-assistant) to grade them for quality.

Advertisement

The contractor accessed the recordings which were selected to help grade and improve Microsoft's services through a Google Chrome web app on his personal laptop.

"They just give me a login over email and I will then have access to Cortana recordings," he told the Guardian. "I could then hypothetically share this login with anyone."

He said that he and other contractors were instructed to access the clips through company-issued accounts which all shared the same password. He added that employee vetting was practically nonexistent.

Advertisement

The contractor was able to listen to incredibly sensitive audio recording through this system.

"I heard all kinds of unusual conversations, including what could have been domestic violence," he said, according to the Guardian. "It sounds a bit crazy now, after educating myself on computer security, that they gave me the URL, a username and password sent over email."

On top of the usual security risks associated with such low cybersecurity, the employee noted that his location in China made the recordings especially vulnerable.

Advertisement

"Living in China, working in China, you're already compromised with nearly everything," he said.

Last year Vice revealed that Microsoft had employed contractors to listen to clips of recordings from users' Skype conversations and instructions given to Cortana, Microsoft's voice assistant.

The story was part of a slew of reports revealing big tech companies including Amazon, Apple, and Google were sending private recordings from their voice-assistants to human contractors for grading.

Advertisement

The reason given for allowing contractors to listen to these clips was to grade the audio and improve the services, although all the companies subsequently changed their policies after the reports sparked a privacy outrage.

A Microsoft spokesperson told the Guardian the company ended its grading programmes for Skype, Cortana, and Xbox, and that the remainder of its human grading takes place in "secure facilities," none of which are in China.

Microsoft was not immediately available to comment on the Guardian's report when contacted by Business Insider.

Advertisement

You can read the full Guardian report here.

Do you work at Microsoft? Got a tip? Contact this reporter via email at ihamilton@businessinsider.com or iahamilton@protonmail.com. You can also contact Business Insider securely via SecureDrop.

Signup Today: Free Daily Newsletter from Business Insider Intelligence

{{}}