Share this entry
It was recently discovered that an exposed database containing just over 500,000 sensitive records equalling 425gb of data was breached. These sensitive records were directly linked to a cash advance app that provides high interest, short term loans and credit advances to small businesses. The data included sensitive information such as, tax returns, bank statements, scanned bank checks, bank account access information, drivers licenses, social security numbers, and more.
The cause of the breach was determined after a third party investigation and appeared to be an exposed S3 bucket. This particular S3 bucket was completely unencrypted, not even a password to protect its contents. After discovering the breach a third-party service attempted to contact the company but received no response. After not hearing back AWS was contacted who shut down the S3 bucket immediately.
This seems to be a case of both negligence and a simple S3 misconfiguration. S3 bucket misconfigurations are a common cause of data breaches in today’s world. Securing S3 buckets is not difficult, as they come with their own encryption methods built in. Data security is a serious business and dealing with records as sensitive as the ones in this breach requires careful planning.
Companies should always encrypt and password protect their S3 buckets and/or storage containers. Protocols and contingencies need to be put in place to safeguard the data in the event of an accident occurring. Common accidents are backing up data and restoring it, and forgetting to password protect the new data set. Accidentally leaking a private S3 bucket to a public cloud. Not securing individual access to certain secure S3 buckets. These all factor into the realm of human error and human error while unstoppable can be mitigated.
Monitoring access of authorized and unauthorized identities, educating employees, and following careful procedures when working in the cloud, and procuring proper services and tools are all steps that can be taken to reduce the risk of a data breach. Looking to avoid an exposed database? Find the right tools to help protect your environment.
Learn more about this cloud security data breach from ZDNet.
THE ARCHITECT
The Newsletter for Cloud Security Leaders. 1x a month.
Get a Comprehensive Cloud Identity Audit
Request Your AuditRead the latest news and insights
Sonrai cloud security platform, products and services are covered by U.S. Patent Nos. 10,728,307 and 11,134,085, together with other domestic and international patents pending. All rights reserved.