Collaborate Disseminate
Pentagon contractor left 1.8 billion mostly benign publicly accessible social-media posts scraped from the internet on a publicly accessible Amazon storage bucket. Continue reading CENTCOM Says Massive Data Cache Found on Leaky Server is Benign
A Department of Defense database containing 1.8 billion scraped internet posts over a span of eight years was left publicly exposed, according to researchers from the cybersecurity firm UpGuard. Researcher Chris Vickery discovered the trove, first reported by CNN. Vickery and UpGuard have made a name for themselves sniffing out mistakenly publicly exposed databases over the last year including data on 200 million voters, one gigabyte of sensitive files from Viacom and information on 14 million Verizon customers. “With evidence that the software employed to create these data stores was built and operated by an apparently defunct private-sector government contractor named VendorX, this cloud leak is a striking illustration of just how damaging third-party vendor risk can be, capable of affecting even the highest echelons of the Pentagon,” UpGuard’s Dan O’Sullivan wrote in a blog post. In June, Vickery found 60,000 sensitive files left publicly exposed by leading U.S. government contractor Booz Allen Hamilton. Vickery found the exposed […]
The post Pentagon left AWS databases publicly exposed appeared first on Cyberscoop.
Continue reading Pentagon left AWS databases publicly exposed
Enterprises are grappling with widespread incidents of misconfigured servers leaking sensitive data to the public internet. Continue reading Data Pours from Cloud—And ‘The Enemy is Us’
Global consulting firm Accenture is the latest giant organization leaving sensitive internal and customer data exposed in a publicly available Amazon Web Services S3 storage bucket. Continue reading Internal Accenture Data, Customer Information Exposed in Public Amazon S3 Bucket
Mike Mimoso talks to Chris Vickery of Upguard of the recent rash of Amazon S3 data leaks. Continue reading Chris Vickery on Amazon S3 Data Leaks
The American media giant Viacom left one gigabyte of sensitive files publicly exposed, according to researchers from the cybersecurity firm UpGuard. It’s the latest in a long string of incidents in which a wide spectrum of companies have found out that moving to cloud computing like Amazon Web Services can come with cybersecurity pitfalls resulting from misconfiguration mistakes. The exposed files included Viacom’s secret cloud keys — information that a hacker could have used to take control of the company’s cloud servers. “Such a scenario could enable malicious actors to launch a host of damaging attacks, using the IT infrastructure of one of the world’s largest broadcast and media companies,” UpGuard’s Dan O’Sullivan explained. “The potential nefarious acts made possible by this cloud leak could have resulted in grave reputational and business damages for Viacom, on a scale rarely seen.” UpGuard researcher Chris Vickery originally found the leak Aug. 30 and notified Viacom the […]
The post Viacom left master keys exposed on a public AWS server appeared first on Cyberscoop.
Continue reading Viacom left master keys exposed on a public AWS server
Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket. Continue reading Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket
Power Quality Engineering publicly exposed sensitive electrical infrastructure data on the public internet tied to Dell Technologies, SBC, Freescale, Oracle, Texas Instruments and the City of Austin. Continue reading Engineering Firm Leaks Sensitive Data on Dell, SBC and Oracle
Data belonging to 14 million Verizon customers was exposed by a partner, which misconfigured a repository storing the personal information it had access to. Continue reading Third Party Exposes 14 Million Verizon Customer Records
A misconfigured database containing sensitive personal information of 198 million American voters was left exposed to the internet for 12 days by a Republican data analysis firm, the largest known data exposure of its kind. According to UpGuard Cyber Risk Analyst Chris Vickery, republican contractors Deep Root Analytics, TargetPoint consulting, Inc. and Data Trust stored the data on a public cloud owned by Deep Root Analytics. The names, dates of birth, home addresses, phone numbers, and voter registration details of nearly all of America’s registered voters were exposed, including “modeled” data of voter ethnicities and religions. The enormous amount of political data, compiled by the RNC and contracting firms after Mitt Romney’s loss in the 2012 presidential election, held around 9.5 billion data points of three out of five americans, grading the 198 million registered voters on political leanings across forty-eight categories using algorithmic modeling. Vickery discovered the Amazon Web Services S3 […]
The post 200 million registered voters exposed due to open AWS repository appeared first on Cyberscoop.
Continue reading 200 million registered voters exposed due to open AWS repository