All news with #aws s3 tag

ISP Exposes Administrative Credentials via S3 Misconfig

🔓On October 11, 2018 UpGuard discovered that an Amazon S3 bucket named "pinapp2" exposed 73 GB of data belonging to Pocket iNet. The downloadable "tech" folder contained plaintext administrative passwords, AWS secret keys, network configuration files, inventory lists, and photographs of hardware and towers. Pocket iNet was notified the same day and secured the exposure on October 19, 2018. The incident highlights how misconfigured S3 ACLs and poor credential hygiene can place critical infrastructure at risk.

Spartan Technology S3 Exposure of South Carolina Arrests

🔒 UpGuard Research discovered a publicly accessible AWS S3 bucket containing roughly 60 GB of MSSQL backups uploaded by a Spartan Technology employee, exposing South Carolina justice-system records spanning 2008–2018. The dataset included about 5.2 million arrest-event rows, tens of millions of related records, and sensitive PII such as names, dates of birth, driver’s license numbers and roughly 17,000 Social Security numbers. Permissions included the "AuthenticatedUsers" group, enabling broad access; Spartan removed public access the same day after notification.

Marketing PR Platform Exposed Data of Hundreds of Thousands

🔓 UpGuard identified an Amazon S3 bucket tied to iPR Software that publicly exposed over a terabyte of files, including a 17 GB MongoDB backup. The collection contained 477,000 media contacts, approximately 35,000 hashed passwords, client marketing assets, internal PR strategy documents, and credentials for Google, Twitter, and a MongoDB host. UpGuard notified iPR in October 2019; public access was removed in late November after follow-up and media engagement.

LocalBlox S3 Misconfiguration Exposes 48M Records Publicly

🔓 UpGuard discovered an Amazon S3 bucket owned by LocalBlox that was publicly accessible, exposing a 1.2 TB ndjson archive containing approximately 48 million personal profiles. The dataset aggregated names, addresses, dates of birth, scraped LinkedIn and Facebook content, Twitter handles, and other identifiers used to build psychographic profiles. UpGuard notified LocalBlox and the bucket was secured on February 28, 2018. The incident highlights how a simple cloud misconfiguration can compromise consumer privacy and enable targeted influence at scale.

Election Systems & Software Exposed 1.8M Chicago Voters

🔓The database of Omaha-based voting machine vendor Election Systems & Software was left publicly accessible on an Amazon S3 bucket, exposing records for 1.864 million Chicago voters. The exposed MSSQL backups included names, addresses, dates of birth, phone numbers, driver’s license numbers and the last four digits of Social Security numbers. UpGuard discovered the open bucket on Aug 11, 2017 and notified ES&S, which closed access the next day.

Public S3 Exposure Reveals Sensitive Customer Data at NCF

🔓 On October 3, 2017 UpGuard researcher Chris Vickery discovered a publicly accessible Amazon S3 bucket belonging to National Credit Federation containing 111 GB of internal and customer records. The repository included scanned IDs, Social Security card images, full credit reports from Equifax, Experian, and TransUnion, personalized credit blueprints, and full bank and card numbers. National Credit Federation secured the bucket after notification and UpGuard found no evidence of theft in this report. The case underscores the necessity of validating cloud storage permissions and continuously monitoring third-party risk.

LA County 211 Data Exposure: Emergency Call Records

🔒 The UpGuard Cyber Risk Team discovered an Amazon S3 bucket for LA County 211 that was publicly accessible and contained Postgres backups and CSV exports with sensitive data. A 1.3GB t_contact export included millions of records, roughly 200,000 detailed call notes and 33,000 Social Security numbers, alongside 384 user accounts with MD5-hashed passwords. The exposure dated from 2010–2016; UpGuard notified the service in March–April 2018 and confirmed the bucket was closed within 24 hours of contact.

111 GB Customer Data Exposure at National Credit Federation

🔓UpGuard discovered 111 GB of internal customer records from National Credit Federation stored in a publicly accessible Amazon S3 bucket, including names, addresses, dates of birth, scanned driver’s licenses and Social Security cards, full bank and credit card numbers, and complete credit reports. The repository contained personalized credit blueprints and videos showing employee access. UpGuard notified the company, which promptly secured the bucket. The case highlights the need for rigorous cloud permission controls and continuous configuration monitoring.

Misconfigured S3 Exposed Tea Party Campaign Assets Online

🔓 UpGuard disclosed that an Amazon S3 bucket belonging to the Tea Party Patriots Citizens Fund (TPPCF) publicly exposed roughly 2GB of campaign materials and call lists. The files—largely PDFs and images from the 2016 election cycle—contained strategy documents, marketing assets, and call records listing full names, phone numbers and VoterIDs for about 527,000 individuals. Upon notification on October 1, 2018, TPPCF restricted bucket permissions within hours and removed access by October 5. The incident underscores how cloud misconfiguration can turn organizational data into a large-scale privacy breach with political implications.

iPR Data Exposure: 477,000 Media Contacts and Keys

🔒 UpGuard researchers discovered a publicly accessible Amazon S3 bucket belonging to iPR Software, containing backups, internal documentation, and a dataset of approximately 477,000 media contacts. The collection included over 35,000 hashed passwords, a 17 GB MongoDB backup that expands substantially when restored, and credentials for services such as Twitter and a MongoDB hosting provider. UpGuard notified iPR on October 24 after detecting the bucket on October 15, and public access was removed on November 26; the exposure underscores risks from misconfigured cloud storage for vendors managing client data.

Spartan Technology Exposed South Carolina Arrest Data

🔒 UpGuard identified an unsecured AWS S3 bucket containing MSSQL backups linked to Spartan Technology, exposing records from 2008–2018. The dataset comprised roughly 60 GB across four backup files and documented about 5.2 million arrest events and approximately 26,000 unique defendants; around 17,000 unique Social Security numbers were present. Victim and witness records included names and phone numbers only. After notification on November 19, 2019, Spartan promptly removed public access and worked with researchers to secure the data.

Top-Secret INSCOM Data Exposed via Public S3 Bucket

🔐 UpGuard discovered a publicly accessible Amazon S3 bucket tied to the United States Army Intelligence and Security Command (INSCOM) that contained clearly classified material, including an Oracle virtual appliance (.ova) with partitions labeled Top Secret and NOFORN. Downloadable artifacts included a plaintext ReadMe referencing the Red Disk cloud platform and a .jar used for intelligence tagging. The exposure also revealed private keys and hashed passwords linked to a third-party contractor. UpGuard notified INSCOM and the bucket was secured to prevent further access.

DSCC S3 Misconfiguration Exposed 6.2M Email Addresses

🔓 UpGuard researchers discovered an Amazon S3 bucket tied to the Democratic Senatorial Campaign Committee exposing a 145MB zip file that contained a CSV of roughly 6.2 million email addresses. The unprotected bucket granted global authenticated FULL_CONTROL, allowing anyone with a free AWS account to access or modify contents. The file, last modified in 2010 and named EmailExcludeClinton.csv, appears to be an exclusion list and includes consumer, .edu, .gov, and .mil domains. UpGuard notified DSCC and the bucket was secured the following day.

Viacom Cloud Leak Exposes AWS Keys and Puppet Data

🔒 An UpGuard researcher discovered a publicly accessible Amazon S3 bucket exposing Viacom’s internal provisioning and cloud credentials. The archive—found under the subdomain "mcs-puppet"—contained seventy-two incremental .tgz backups with Puppet manifests, configuration files, GPG decryption keys and the AWS access key and secret. Viacom was notified on August 31, 2017 and the exposed buckets were secured within hours, preventing active compromise.

LA County 211 Data Leak Exposes Sensitive Call Records

⚠️ UpGuard disclosed a public data exposure affecting the Los Angeles County 211 helpline. An Amazon Web Services S3 bucket was configured for public access and contained database backups and CSV exports, including a 1.3GB t_contact export with records from 2010–2016. Exposed items included credentials (384 users, MD5-hashed passwords), contact lists, and over 200,000 detailed call notes describing abuse, suicidal ideation, addresses, phone numbers, and 33,000 Social Security numbers. After notification in March–April 2018 the bucket was secured within 24 hours, but the incident highlights critical cloud misconfiguration risks.

Medcall S3 Misconfiguration Exposed Patient Medical Records

🔓 An UpGuard analyst discovered an unsecured Amazon S3 bucket belonging to Medcall Healthcare Advisors that publicly exposed roughly 7 GB of sensitive data. The datastore included intake PDFs, audio and video recordings of patient-operator-doctor calls, and CSV files containing full Social Security numbers and other PII. The bucket's ACL granted 'Everyone - Full Control', allowing anonymous read/write access and permission changes. Medcall closed the bucket after notification on August 31.

ISP Exposes Admin Credentials via Misconfigured S3 Bucket

🔒 The UpGuard Cyber Risk team discovered a 73 GB dataset belonging to Washington ISP Pocket iNet publicly exposed in a misconfigured Amazon S3 bucket named pinapp2. The exposed files included plain text administrative passwords, AWS access keys, network diagrams, device configurations, inventories, and photographs of physical infrastructure. UpGuard notified Pocket iNet on discovery (October 11, 2018); the bucket remained exposed for seven days and was secured on October 19 after repeated contact. The incident highlights the dangers of storing secrets in public object storage and recommends using secrets managers, encryption, and hardened S3 ACLs.

Public S3 Exposure Tied to Booz Allen and NGA Incident

🔒 UpGuard’s Cyber Resilience Team discovered a publicly exposed Amazon S3 repository containing plaintext SSH keys and administrative credentials tied to a Booz Allen engineer and contractor metadata pointing to NGA‑related projects. After initial notification to Booz Allen, UpGuard escalated the issue to the NGA, which secured the repository within minutes. Booz Allen acknowledged the report later that day, and UpGuard preserved the downloaded dataset at the government’s request. The incident highlights the real‑world risk of simple misconfiguration and third‑party vendor security posture.

Public Exposure of GoDaddy AWS Configuration Data Details

🔍 The UpGuard Cyber Risk Team discovered a publicly readable Amazon S3 bucket containing spreadsheets that appeared to describe GoDaddy infrastructure running in the AWS cloud. The largest file listed more than 24,000 hostnames and 41 configuration fields, including hostname, OS, workload, region, vCPU, memory and modeled cost data, plus apparent AWS discount information. While the files did not contain credentials or end-user data, they effectively mapped a large-scale cloud deployment and revealed sensitive pricing details. UpGuard notified GoDaddy, and the exposure was closed after coordination with the company.

Verizon Cloud Leak: NICE Systems Exposed Customer Data

🔓 UpGuard discovered an Amazon S3 repository owned by NICE Systems that left call-support logs for Verizon publicly accessible. The exposed files contained names, addresses, phone numbers, account details and many unmasked account PINs tied to phone numbers, creating a significant risk of account takeover. UpGuard notified Verizon and the bucket was secured; the incident highlights third-party cloud misconfiguration risk and the need for stronger vendor controls.