This Year: Top 10 Cloud Storage Security Gaps
The Cyber Risk Team at UpGuard revealed that Accenture didn`t properly protect no fewer than 4 AWS S3 storage buckets, as a result, they are open for a public access. This gap undermines security of authentication credentials, secret API data, digital certificates, decryption keys, information about the user, and other types of information. UpGuard stressed that this problem could cause a vast financial loss, because now hackers have opportunity to exploit the keys in order to disguise themselves as Accenture employees and to steal different sensitive data they need.
A large Viacom company also left its data insecure on a AWS S3 cloud storage bucket, which is available for a public download. This allows attackers to take control over its IT infrastructure and or Internet availability. More important is that secret cloud keys of the company are also at risk, so hackers could keep an eye on its cloud-based servers.
Names, addresses, account details, and PIN numbers of millions Verizon clients were endangered because of the misconfiguration of a third-party vendor for Verizon. With customer phone numbers and their associated PIN numbers, criminals could get their hands on their accounts. This case showed the risk of trusting to a third-party vendor to deal with sensitive information.
Booz Allen Hamilton
Intelligence and protection contractor Booz Allen Hamilton made 60.000 files on S3 bucket available for the public. The cache of approximately 28GB of data contained credentials for a chief engineer, passwords to a US government system, and a half-dozen unencrypted passwords for government contractors involving in Top Secret Facility Clearance.
The unprotected server also contained the main credentials for a data center operating system, and other ones for getting access to a Pentagon system.
World Wrestling Entertainment
In July, security specialists at Kromtech discovered a large exposed database that is at the property of World Wrestling Entertainment. An AWS S3 server was a storage for the information, but it didn`t even have user name or password security and everyone with the Web address could use it.
Investigators uncovered two publicly available S3 buckets: the first one contained some confidential information of a user in the period of 2014-2015 and the second one had data of 2016 that were peculiar to European customers.
A data breach at Dow Jones & Co. put at risk account information, actual and email address, and the last four digits of credit card numbers of many customers. The breach also took roots into 1.6 million entries in Dow Jones Risk and Compliance, a complex of databases used by financial organizations to correspond to money laundering prevention standards.
Dow Jones informed that 2.2 million people were hit; but UpGuard revealed another number: 4 MILLION VICTIMS!
Republican National Committee
The unprotected AWS S3 bucket was the main reason for putting at risk the personal data of 198 million American voters from Deep Root Analytics firm that works under the authority of the Republican National Committee.
The affected data involved dates of birth, phone numbers, racial background details that were reported by clients themselves, home and mailing addresses, and party memberships.
A third-party TalentPen vendor dealing with new job seekers, periled the personal information of thousands of Americans because of storage it on a misconfigured AWS S3 bucket without proper password protection. Resumes and applications to work for private security firm TigerSwan predominate among the 9,402 affected documents.
All the files contained the private information of people such as driver`s license numbers, passport numbers, and partial Social Security Numbers.
Time Warner Cable
One more trouble happened to about four million Time Warner Cable (TWC) customers in the US. Kromtech Security Center discovered two AWS S3 buckets available for the Internet due to global communication software and service provider Broadsoft misbehavior.
There were thousands of records and reports for Broadsoft clients with TWC on two exposed buckets.
Kromtech suggests it was engineers` fault because they never closed the public configuration and as a result, made it easier for anyone to access the data online.