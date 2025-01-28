OCR and image recognition data are being stored insecurely in OneDrive for Business, expert claims

Locally stored data is putting companies at risk of leaks

Hybrid working amplifies the security challenges

Security expert Brian Maloney has criticized Microsoft for storing OneDrive for Business files insecurely on users’ devices.

He claims the popular cloud storage tool allegedly stores data obtained from image OCR in an unsecured database on account holders’ PCs, putting them at risk of data exfiltration.

Although there are benefits to storing data locally, it can pose security concerns if the storage is inadequately protected, Maloney has claimed.

OneDrive for Business storing files locally, but insecurely

Microsoft, together with other companies like Apple, uses OCR (optical character recognition) and image recognition to enhance search and other features.

In a series of X posts, Maloney wrote: “Just a heads up. M$ is OCRing all your images in OneDrive for business in an unsecured database on your desktop/laptop. Happy Friday. #DFIR.”

Because OCR is stored in plain text, attackers who are successful in obtaining access to the databases can acquire potentially sensitive information from unknowing victims.

vx-underground.org added to Maloney’s work on X, sharing: “Any image saved with OneDrive is stored locally in a SQLite file (for offline mode, or something).”

Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

Although business-issued hardware typically involved additional layers of security, such as encrypted storage, biometric security, and access to company systems via protected networks such as VPNs, the rise of hybrid working now means that more workers are accessing their business accounts, including OneDrive for Business, from their own personal hardware, which might not have such strong protection.

TechRadar Pro has asked Microsoft to comment on its decision not to protect OCR databases, but we have not received an immediate response.

In the meantime, users should consider only enabling features that they intend to use in order to minimize risk. Employees should also be vigilant to attacks, including avoiding clicking on suspicious links and sharing credentials online.