Microsoft Takes Legal Action Against Group for Abusing Azure OpenAI Service
Microsoft has recently filed a lawsuit against a group of individuals accused of intentionally exploiting the safety measures of its cloud AI products. The complaint was lodged in December in the U.S. District Court for the Eastern District of Virginia, alleging that the defendants used stolen customer credentials and custom-designed software to breach the Azure OpenAI Service.
The company, referring to the defendants as “Does” in the legal documents, asserts that they violated several laws, including the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act. The group allegedly accessed Microsoft’s software and servers to generate offensive and harmful content, in violation of the service’s acceptable use policy.
Microsoft’s investigation revealed that the defendants obtained API keys from Azure OpenAI Service customers, enabling them to create a “hacking-as-a-service” operation. The defendants utilized a tool called de3u to generate images using OpenAI models without authorization, bypassing Microsoft’s content filtering mechanisms.
Image Credits:Microsoft
Microsoft’s legal action aims to obtain injunctive relief and damages for the unauthorized use of its services. The company has also secured court authorization to seize a website connected to the defendants’ activities to gather evidence and disrupt their operations. Additionally, Microsoft has implemented enhanced safety measures on the Azure OpenAI Service to prevent similar abuses in the future.
