All news with #aws s3 tag

Spartan Technology S3 Exposure of South Carolina Arrests

🔒 UpGuard Research discovered a publicly accessible AWS S3 bucket containing roughly 60 GB of MSSQL backups uploaded by a Spartan Technology employee, exposing South Carolina justice-system records spanning 2008–2018. The dataset included about 5.2 million arrest-event rows, tens of millions of related records, and sensitive PII such as names, dates of birth, driver’s license numbers and roughly 17,000 Social Security numbers. Permissions included the "AuthenticatedUsers" group, enabling broad access; Spartan removed public access the same day after notification.

Marketing PR Platform Exposed Data of Hundreds of Thousands

🔓 UpGuard identified an Amazon S3 bucket tied to iPR Software that publicly exposed over a terabyte of files, including a 17 GB MongoDB backup. The collection contained 477,000 media contacts, approximately 35,000 hashed passwords, client marketing assets, internal PR strategy documents, and credentials for Google, Twitter, and a MongoDB host. UpGuard notified iPR in October 2019; public access was removed in late November after follow-up and media engagement.

LocalBlox S3 Misconfiguration Exposes 48M Records Publicly

🔓 UpGuard discovered an Amazon S3 bucket owned by LocalBlox that was publicly accessible, exposing a 1.2 TB ndjson archive containing approximately 48 million personal profiles. The dataset aggregated names, addresses, dates of birth, scraped LinkedIn and Facebook content, Twitter handles, and other identifiers used to build psychographic profiles. UpGuard notified LocalBlox and the bucket was secured on February 28, 2018. The incident highlights how a simple cloud misconfiguration can compromise consumer privacy and enable targeted influence at scale.

Medcall S3 Misconfiguration Exposed Medical Records

🔓 UpGuard disclosed that an unsecured Medcall Healthcare Advisors Amazon S3 bucket exposed roughly 7 GB of sensitive information, including PDF intake forms, CSV files containing full Social Security numbers, and 715 recorded patient-doctor and operator calls. The bucket was publicly readable and writable with an 'Everyone - Full Control' ACL and was taken offline after UpGuard notified Medcall. The case underscores the danger of vendor misconfiguration and third-party exposure of protected health information.

Election Systems & Software Exposed 1.8M Chicago Voters

🔓The database of Omaha-based voting machine vendor Election Systems & Software was left publicly accessible on an Amazon S3 bucket, exposing records for 1.864 million Chicago voters. The exposed MSSQL backups included names, addresses, dates of birth, phone numbers, driver’s license numbers and the last four digits of Social Security numbers. UpGuard discovered the open bucket on Aug 11, 2017 and notified ES&S, which closed access the next day.

Public S3 Exposure Reveals Sensitive Customer Data at NCF

🔓 On October 3, 2017 UpGuard researcher Chris Vickery discovered a publicly accessible Amazon S3 bucket belonging to National Credit Federation containing 111 GB of internal and customer records. The repository included scanned IDs, Social Security card images, full credit reports from Equifax, Experian, and TransUnion, personalized credit blueprints, and full bank and card numbers. National Credit Federation secured the bucket after notification and UpGuard found no evidence of theft in this report. The case underscores the necessity of validating cloud storage permissions and continuously monitoring third-party risk.

LA County 211 Data Exposure: Emergency Call Records

🔒 The UpGuard Cyber Risk Team discovered an Amazon S3 bucket for LA County 211 that was publicly accessible and contained Postgres backups and CSV exports with sensitive data. A 1.3GB t_contact export included millions of records, roughly 200,000 detailed call notes and 33,000 Social Security numbers, alongside 384 user accounts with MD5-hashed passwords. The exposure dated from 2010–2016; UpGuard notified the service in March–April 2018 and confirmed the bucket was closed within 24 hours of contact.

Medico Inc. S3 Misconfiguration Exposes Patient Data

🔓 Medico Inc. left an Amazon S3 bucket publicly accessible, exposing nearly 14,000 documents (approximately 1.7GB) that included medical records, insurance claims, legal files, and internal business data. The UpGuard Data Breach Research Team discovered the bucket on June 20, 2019, and Medico closed it within hours after notification. The dataset contained unredacted PII such as SSNs, bank account numbers, and payment card data, and also included plaintext credentials that could enable further compromise.

Viacom Cloud Leak Exposed Master Controls and Keys

🔒 UpGuard researchers discovered on August 30, 2017 a publicly accessible Amazon S3 bucket named “mcs-puppet” containing seventy-two .tgz backup archives that included Puppet manifests, configuration files, keys, and credentials tied to Viacom. The repository exposed AWS access and secret keys, GPG decryption keys, and scripts referencing services such as Docker, Jenkins, Splunk, and New Relic. UpGuard notified Viacom on August 31, and the exposure was secured within hours. The incident demonstrates how cloud misconfigurations can reveal master provisioning controls and enable widespread infrastructure compromise.

ISP Exposes Administrative Credentials via S3 Misconfig

🔓On October 11, 2018 UpGuard discovered that an Amazon S3 bucket named "pinapp2" exposed 73 GB of data belonging to Pocket iNet. The downloadable "tech" folder contained plaintext administrative passwords, AWS secret keys, network configuration files, inventory lists, and photographs of hardware and towers. Pocket iNet was notified the same day and secured the exposure on October 19, 2018. The incident highlights how misconfigured S3 ACLs and poor credential hygiene can place critical infrastructure at risk.

Top Secret INSCOM Data Exposed via Public AWS S3 Repository

🔓 On September 27, 2017, UpGuard researcher Chris Vickery discovered an Amazon S3 bucket at the AWS subdomain "inscom" that was publicly accessible and contained 47 entries with three downloadable files. One download, an .ova virtual appliance named "ssdev," included a virtual hard drive with partitions and metadata labeled Top Secret and NOFORN. The exposed assets also contained private keys, hashed passwords, a ReadMe referencing the Pentagon cloud project Red Disk, and a classification-training snapshot. UpGuard notified INSCOM and the repository was promptly secured.

Misconfigured Amazon S3 Exposed Tea Party Campaign Data

🔓 On August 28, 2018 the UpGuard Cyber Risk team discovered a publicly readable Amazon S3 bucket named tppcf containing roughly 2GB of campaign files belonging to the Tea Party Patriots Citizens Fund (TPPCF). The data included call lists with full names and phone numbers for about 527,000 individuals, along with strategy documents, call scripts, and marketing assets. UpGuard notified TPPCF on October 1; permissions were briefly set to allow global authenticated users and then removed by October 5. The incident illustrates how cloud misconfiguration can expose sensitive political microtargeting data and create significant privacy risks.

AWS releases SRA Verify: Open-source SRA assessment

🔍 SRA Verify is an open-source assessment tool from AWS that automates validation of an organization’s alignment to the AWS Security Reference Architecture (AWS SRA). It runs automated checks across multiple services to verify configurations and highlight deviations from recommended patterns. The tool links checks to remediation guidance and IaC examples to help teams implement fixes more quickly. It currently covers CloudTrail, GuardDuty, IAM Access Analyzer, Config, Security Hub, S3, Inspector, and Macie, with plans to expand.

Accenture Cloud Buckets Exposed Sensitive Credentials

🔒 UpGuard discovered four publicly accessible AWS S3 buckets belonging to Accenture, exposing API keys, certificates, decryption keys, plaintext passwords, and customer data associated with the Accenture Cloud Platform. The discovery was made in mid-September 2017 and reported to Accenture, which secured the buckets the following day. Exposed artifacts included master KMS keys, VPN credentials, logs, and private signing keys that could enable impersonation and secondary attacks against clients.

Massive CENTCOM/PACOM Cloud Leak Exposes Billions of Data

🔍 UpGuard discovered three publicly accessible Amazon S3 buckets associated with CENTCOM and PACOM that contained a vast corpus of scraped internet posts. One bucket alone held an estimated 1.8 billion records spanning 2009–2017, including news articles, forum threads, comment sections and social media posts. Configuration files and folders referenced a contractor, VendorX, and projects named Outpost and Coral, while Lucene indexes indicated the data was organized for search. UpGuard notified the Defense Department and the buckets were secured.

Exposed Facebook User Data from Third-Party Apps Found

🔒Two exposed third-party Facebook app datasets were discovered publicly accessible, including a 146 GB dump from Cultura Colectiva containing over 540 million records of comments, likes, reactions, account names and Facebook IDs. A separate At the Pool backup held profile fields and plaintext passwords for roughly 22,000 users. Both data sets resided in publicly readable Amazon S3 buckets, illustrating how misconfigured storage and long-lived third-party copies of user data create persistent leakage risk.

Cloud Leak Exposes Millions of Dow Jones Customer Records

🔒 A cloud-based file repository owned by Dow Jones & Company was discovered publicly accessible, exposing sensitive personal and financial details for millions of customers. UpGuard researcher Chris Vickery located an AWS S3 bucket under the subdomain dj-skynet on May 30, 2017; Dow Jones secured the repository on June 6 after notification. Exposed material included names, addresses, account identifiers, login emails, the last four digits of credit cards, and 1.6 million entries tied to Dow Jones Risk and Compliance products, illustrating the dangers of cloud misconfiguration.

DSCC S3 Misconfiguration Exposes 6.2M Email Addresses

🔒 UpGuard researchers discovered an Amazon S3 bucket tied to the Democratic Senatorial Campaign Committee (DSCC) that publicly exposed about 6.2 million email addresses. The unprotected archive, EmailExcludeClinton.zip, contained a comma-separated .csv of addresses from major ISPs, universities, government and military domains and was last modified in 2010. UpGuard notified the DSCC on July 26, 2019, and the bucket was secured the same day. The incident highlights persistent operational risks in campaign data handling.

Exposed S3 Bucket Leaked Thousands of TigerSwan Resumes

🔓 UpGuard discovered an Amazon S3 bucket publicly exposing 9,402 TigerSwan job applications and resumes, many containing sensitive personal details and hundreds of claims of Top Secret/SCI clearances. The repository, last updated in February 2017 and attributed by TigerSwan to a terminated recruiting vendor, included names, addresses, contacts, passport and partial Social Security numbers, and driver’s license data. UpGuard notified TigerSwan in July 2017; after follow-ups the files were secured on August 24, highlighting the risks of cloud misconfiguration and third-party vendor practices.