All news with #aws s3 tag

🔒 The UpGuard Cyber Risk Team discovered an Amazon S3 bucket for LA County 211 that was publicly accessible and contained Postgres backups and CSV exports with sensitive data. A 1.3GB t_contact export included millions of records, roughly 200,000 detailed call notes and 33,000 Social Security numbers, alongside 384 user accounts with MD5-hashed passwords. The exposure dated from 2010–2016; UpGuard notified the service in March–April 2018 and confirmed the bucket was closed within 24 hours of contact.

🔓The database of Omaha-based voting machine vendor Election Systems & Software was left publicly accessible on an Amazon S3 bucket, exposing records for 1.864 million Chicago voters. The exposed MSSQL backups included names, addresses, dates of birth, phone numbers, driver’s license numbers and the last four digits of Social Security numbers. UpGuard discovered the open bucket on Aug 11, 2017 and notified ES&S, which closed access the next day.

🔓 Medico Inc. left an Amazon S3 bucket publicly accessible, exposing nearly 14,000 documents (approximately 1.7GB) that included medical records, insurance claims, legal files, and internal business data. The UpGuard Data Breach Research Team discovered the bucket on June 20, 2019, and Medico closed it within hours after notification. The dataset contained unredacted PII such as SSNs, bank account numbers, and payment card data, and also included plaintext credentials that could enable further compromise.

🔓 UpGuard disclosed that an Amazon S3 bucket belonging to the Tea Party Patriots Citizens Fund (TPPCF) publicly exposed roughly 2GB of campaign materials and call lists. The files—largely PDFs and images from the 2016 election cycle—contained strategy documents, marketing assets, and call records listing full names, phone numbers and VoterIDs for about 527,000 individuals. Upon notification on October 1, 2018, TPPCF restricted bucket permissions within hours and removed access by October 5. The incident underscores how cloud misconfiguration can turn organizational data into a large-scale privacy breach with political implications.

🔓 UpGuard's Cyber Risk Team discovered an Amazon S3 bucket named "tigerswanresumes" that was publicly accessible, exposing 9,402 resumes and application documents submitted to TigerSwan. The files contained contact details, work histories, and sensitive identifiers — including passports, partial Social Security numbers, driver’s license numbers, and 295 resumes claiming Top Secret/SCI clearances. UpGuard notified TigerSwan and followed up repeatedly; the bucket remained accessible for roughly a month before it was secured. TigerSwan said the exposure resulted from a former recruiting vendor.

🔒 The UpGuard Cyber Risk team discovered a 73 GB dataset belonging to Washington ISP Pocket iNet publicly exposed in a misconfigured Amazon S3 bucket named pinapp2. The exposed files included plain text administrative passwords, AWS access keys, network diagrams, device configurations, inventories, and photographs of physical infrastructure. UpGuard notified Pocket iNet on discovery (October 11, 2018); the bucket remained exposed for seven days and was secured on October 19 after repeated contact. The incident highlights the dangers of storing secrets in public object storage and recommends using secrets managers, encryption, and hardened S3 ACLs.

🔓 UpGuard discovered an Amazon S3 repository owned by NICE Systems that left call-support logs for Verizon publicly accessible. The exposed files contained names, addresses, phone numbers, account details and many unmasked account PINs tied to phone numbers, creating a significant risk of account takeover. UpGuard notified Verizon and the bucket was secured; the incident highlights third-party cloud misconfiguration risk and the need for stronger vendor controls.

🔍 The UpGuard Cyber Risk Team discovered a publicly readable Amazon S3 bucket containing spreadsheets that appeared to describe GoDaddy infrastructure running in the AWS cloud. The largest file listed more than 24,000 hostnames and 41 configuration fields, including hostname, OS, workload, region, vCPU, memory and modeled cost data, plus apparent AWS discount information. While the files did not contain credentials or end-user data, they effectively mapped a large-scale cloud deployment and revealed sensitive pricing details. UpGuard notified GoDaddy, and the exposure was closed after coordination with the company.

⚠️ UpGuard disclosed a public data exposure affecting the Los Angeles County 211 helpline. An Amazon Web Services S3 bucket was configured for public access and contained database backups and CSV exports, including a 1.3GB t_contact export with records from 2010–2016. Exposed items included credentials (384 users, MD5-hashed passwords), contact lists, and over 200,000 detailed call notes describing abuse, suicidal ideation, addresses, phone numbers, and 33,000 Social Security numbers. After notification in March–April 2018 the bucket was secured within 24 hours, but the incident highlights critical cloud misconfiguration risks.

🔓 An UpGuard analyst discovered an unsecured Amazon S3 bucket belonging to Medcall Healthcare Advisors that publicly exposed roughly 7 GB of sensitive data. The datastore included intake PDFs, audio and video recordings of patient-operator-doctor calls, and CSV files containing full Social Security numbers and other PII. The bucket's ACL granted 'Everyone - Full Control', allowing anonymous read/write access and permission changes. Medcall closed the bucket after notification on August 31.

🔒 UpGuard’s Cyber Resilience Team discovered a publicly exposed Amazon S3 repository containing plaintext SSH keys and administrative credentials tied to a Booz Allen engineer and contractor metadata pointing to NGA‑related projects. After initial notification to Booz Allen, UpGuard escalated the issue to the NGA, which secured the repository within minutes. Booz Allen acknowledged the report later that day, and UpGuard preserved the downloaded dataset at the government’s request. The incident highlights the real‑world risk of simple misconfiguration and third‑party vendor security posture.

🔓 The UpGuard Cyber Risk Team discovered a publicly accessible AWS S3 bucket containing a 1.2 TB ndjson file with 48 million records belonging to LocalBlox. The dataset included names, addresses, dates of birth, scraped LinkedIn and Facebook content, Twitter handles, and blended data from sources like Zillow. UpGuard notified LocalBlox on February 28, 2018, and the bucket was secured the same day. This exposure highlights the real-world risk of simple cloud misconfigurations.

🔒 An UpGuard researcher discovered a publicly accessible Amazon S3 bucket exposing Viacom’s internal provisioning and cloud credentials. The archive—found under the subdomain "mcs-puppet"—contained seventy-two incremental .tgz backups with Puppet manifests, configuration files, GPG decryption keys and the AWS access key and secret. Viacom was notified on August 31, 2017 and the exposed buckets were secured within hours, preventing active compromise.

🔓 UpGuard researchers discovered an Amazon S3 bucket tied to the Democratic Senatorial Campaign Committee exposing a 145MB zip file that contained a CSV of roughly 6.2 million email addresses. The unprotected bucket granted global authenticated FULL_CONTROL, allowing anyone with a free AWS account to access or modify contents. The file, last modified in 2010 and named EmailExcludeClinton.csv, appears to be an exclusion list and includes consumer, .edu, .gov, and .mil domains. UpGuard notified DSCC and the bucket was secured the following day.

🔒 UpGuard researchers discovered a publicly accessible Amazon S3 bucket belonging to iPR Software, containing backups, internal documentation, and a dataset of approximately 477,000 media contacts. The collection included over 35,000 hashed passwords, a 17 GB MongoDB backup that expands substantially when restored, and credentials for services such as Twitter and a MongoDB hosting provider. UpGuard notified iPR on October 24 after detecting the bucket on October 15, and public access was removed on November 26; the exposure underscores risks from misconfigured cloud storage for vendors managing client data.

🔒 UpGuard identified an unsecured AWS S3 bucket containing MSSQL backups linked to Spartan Technology, exposing records from 2008–2018. The dataset comprised roughly 60 GB across four backup files and documented about 5.2 million arrest events and approximately 26,000 unique defendants; around 17,000 unique Social Security numbers were present. Victim and witness records included names and phone numbers only. After notification on November 19, 2019, Spartan promptly removed public access and worked with researchers to secure the data.

🔐 UpGuard discovered a publicly accessible Amazon S3 bucket tied to the United States Army Intelligence and Security Command (INSCOM) that contained clearly classified material, including an Oracle virtual appliance (.ova) with partitions labeled Top Secret and NOFORN. Downloadable artifacts included a plaintext ReadMe referencing the Red Disk cloud platform and a .jar used for intelligence tagging. The exposure also revealed private keys and hashed passwords linked to a third-party contractor. UpGuard notified INSCOM and the bucket was secured to prevent further access.

🔓 UpGuard’s Cyber Risk Team discovered a publicly accessible AWS S3 repository tied to Election Systems & Software (ES&S) that contained multiple backups and a 12 GB MSSQL database. The data set included about 1.864 million Chicago voter records with names, addresses, dates of birth, phone numbers, driver’s license numbers and partial Social Security numbers. The bucket, labeled “chicagodb,” was found on August 11, 2017; ES&S was notified and the exposure was secured by August 12, 2017. This incident highlights vendor misconfiguration risk and the need for rigorous vendor risk management and configuration checks.

🔓 This UpGuard report describes a publicly accessible Amazon S3 data warehouse owned by Deep Root Analytics that contained 1.1 TB of unsecured files and linked datasets from Data Trust and TargetPoint. The exposed records included personally identifiable information for up to 198 million US voters alongside modeled political attributes and scoring. UpGuard discovered the bucket on June 12, 2017; Deep Root secured it after notification, and the report details discovery, contents, and implications for election data privacy.

🔒 An UpGuard researcher discovered three publicly accessible Amazon S3 buckets tied to Attunity, a data integration vendor now part of Qlik. One bucket contained a sampled terabyte of backups, including roughly 750 GB of compressed email archives and OneDrive backups with system credentials, project documents, client lists, and employee PII. The researcher notified the vendor on May 16, 2019, and public access was removed the following day. The incident highlights how backup misconfigurations can expose credentials and sensitive corporate and customer data.