
All news with #aws s3 tag

Sat, July 26, 2025

TigerSwan S3 Exposure: Thousands of Resumes Leaked

🔓 UpGuard's Cyber Risk Team discovered an Amazon S3 bucket named "tigerswanresumes" that was publicly accessible, exposing 9,402 resumes and application documents submitted to TigerSwan. The files contained contact details, work histories, and sensitive identifiers — including passports, partial Social Security numbers, driver’s license numbers, and 295 resumes claiming Top Secret/SCI clearances. UpGuard notified TigerSwan and followed up repeatedly; the bucket remained accessible for roughly a month before it was secured. TigerSwan said the exposure resulted from a former recruiting vendor.


Sat, July 26, 2025

Misconfigured Amazon S3 Exposed Tea Party Campaign Data

🔓 On August 28, 2018 the UpGuard Cyber Risk team discovered a publicly readable Amazon S3 bucket named tppcf containing roughly 2GB of campaign files belonging to the Tea Party Patriots Citizens Fund (TPPCF). The data included call lists with full names and phone numbers for about 527,000 individuals, along with strategy documents, call scripts, and marketing assets. UpGuard notified TPPCF on October 1; permissions were briefly set to allow global authenticated users and then removed by October 5. The incident illustrates how cloud misconfiguration can expose sensitive political microtargeting data and create significant privacy risks.


Tue, July 22, 2025

AWS releases SRA Verify: Open-source SRA assessment

🔍 SRA Verify is an open-source assessment tool from AWS that automates validation of an organization’s alignment to the AWS Security Reference Architecture (AWS SRA). It runs automated checks across multiple services to verify configurations and highlight deviations from recommended patterns. The tool links checks to remediation guidance and IaC examples to help teams implement fixes more quickly. It currently covers CloudTrail, GuardDuty, IAM Access Analyzer, Config, Security Hub, S3, Inspector, and Macie, with plans to expand.


Thu, July 10, 2025

Massive CENTCOM/PACOM Cloud Leak Exposes Billions of Data

🔍 UpGuard discovered three publicly accessible Amazon S3 buckets associated with CENTCOM and PACOM that contained a vast corpus of scraped internet posts. One bucket alone held an estimated 1.8 billion records spanning 2009–2017, including news articles, forum threads, comment sections and social media posts. Configuration files and folders referenced a contractor, VendorX, and projects named Outpost and Coral, while Lucene indexes indicated the data was organized for search. UpGuard notified the Defense Department and the buckets were secured.


Thu, July 10, 2025

Mass Facebook App Data Exposed in Two Third-Party Leaks

🔓 Two third-party Facebook app datasets were publicly exposed via misconfigured Amazon S3 buckets, including a 146 GB collection from Cultura Colectiva containing over 540 million records of comments, likes, reactions, account names and Facebook IDs. A separate backup from the At the Pool app contained fields such as fb_friends, fb_likes, fb_photos and plaintext passwords for roughly 22,000 users. UpGuard notified the app owners and AWS in January; the larger bucket was not secured until early April after media inquiry. These exposures highlight enduring risks from third-party access to platform data and misconfigured cloud storage.


Thu, July 10, 2025

Alteryx Cloud Leak: 123M U.S. Household Records Exposed

🔓 UpGuard discovered a publicly exposed AWS S3 repository tied to Alteryx that contained a 36 GB ConsumerView dataset from Experian alongside 2010 US Census data. The exposure included over 123 million U.S. household records with detailed demographics, financial indicators, and proprietary segmentation that increased risk of fraud and identity theft. After notification, Alteryx secured the bucket; UpGuard highlights vendor-risk management and continuous monitoring to prevent similar incidents.


Thu, July 10, 2025

Exposed Facebook User Data from Third-Party Apps Found

🔒 Two exposed third-party Facebook app datasets were discovered publicly accessible, including a 146 GB dump from Cultura Colectiva containing over 540 million records of comments, likes, reactions, account names and Facebook IDs. A separate At the Pool backup held profile fields and plaintext passwords for roughly 22,000 users. Both datasets resided in publicly readable Amazon S3 buckets, illustrating how misconfigured storage and long-lived third-party copies of user data create persistent leakage risk.


Thu, July 10, 2025

Cloud Leak Exposes Millions of Dow Jones Customer Records

🔒 A cloud-based file repository owned by Dow Jones & Company was discovered publicly accessible, exposing sensitive personal and financial details for millions of customers. UpGuard researcher Chris Vickery located an AWS S3 bucket under the subdomain dj-skynet on May 30, 2017; Dow Jones secured the repository on June 6 after notification. Exposed material included names, addresses, account identifiers, login emails, the last four digits of credit cards, and 1.6 million entries tied to Dow Jones Risk and Compliance products, illustrating the dangers of cloud misconfiguration.


Thu, July 10, 2025

Cloud Leak Exposes Millions of Dow Jones Customer Records

🔒 A cloud-based file repository owned by Dow Jones & Company was discovered publicly accessible, exposing sensitive subscriber and corporate intelligence data. The repository, an AWS S3 bucket configured to allow any AWS "authenticated user," contained names, addresses, emails, customer IDs and the last four digits of credit cards for millions of accounts. Dow Jones confirmed 2.2 million affected; UpGuard estimated the exposure could encompass up to four million records. The bucket was secured after discovery, but delayed notification reduced victims' ability to mitigate risk.


Thu, July 10, 2025

Accenture Cloud Buckets Exposed Sensitive Credentials

🔒 UpGuard discovered four publicly accessible AWS S3 buckets belonging to Accenture, exposing API keys, certificates, decryption keys, plaintext passwords, and customer data associated with the Accenture Cloud Platform. The discovery was made in mid-September 2017 and reported to Accenture, which secured the buckets the following day. Exposed artifacts included master KMS keys, VPN credentials, logs, and private signing keys that could enable impersonation and secondary attacks against clients.


Thu, July 10, 2025

Attunity S3 Buckets Exposed Internal Data and Credentials

🔒 An UpGuard researcher discovered three publicly accessible Amazon S3 buckets tied to Attunity (now part of Qlik) that contained a large collection of internal business documents and backups. The researcher sampled roughly one terabyte of data, including about 750 GB of compressed email backups, plus OneDrive backups, system credentials, private keys, and employee records. UpGuard notified the vendor on May 16, 2019, and public access to the buckets was removed the following day.


Thu, July 10, 2025

Accenture Cloud Buckets Exposed Sensitive Credentials

🔓 UpGuard disclosed that Accenture left four Amazon S3 buckets publicly accessible, exposing sensitive Accenture Cloud Platform data including API keys, certificates, plaintext passwords, and private keys. The buckets — labeled acp-deployment, acpcollector, acp-software, and acp-ssl — contained credentials, VPN keys, logs, and large database dumps that included client information. After discovery on September 17, 2017, UpGuard notified Accenture and the buckets were secured the following day. This incident underscores how misconfigured cloud storage can endanger both vendors and their customers.


Thu, February 20, 2020

Tetrad Exposure: Data on 120M U.S. Households Leaked

🔓 UpGuard Research discovered an unsecured Amazon S3 bucket containing a broad compilation of consumer data attributed to Tetrad, including blended sources such as Experian Mosaic and Claritas/Nielsen's PRIZM. Three large Mosaic files alone contained names, genders, addresses, and segment codes covering roughly 120–130 million households. The bucket also held retailer clientfiles with loyalty and transaction records from brands like Chipotle, Kate Spade, and Bevmo. After notification, Tetrad removed public access once the misconfiguration was identified.


Fri, September 6, 2019

DSCC S3 Misconfiguration Exposes 6.2M Email Addresses

🔒 UpGuard researchers discovered an Amazon S3 bucket tied to the Democratic Senatorial Campaign Committee (DSCC) that publicly exposed about 6.2 million email addresses. The unprotected archive, EmailExcludeClinton.zip, contained a comma-separated .csv of addresses from major ISPs, universities, government and military domains and was last modified in 2010. UpGuard notified the DSCC on July 26, 2019, and the bucket was secured the same day. The incident highlights persistent operational risks in campaign data handling.


Wed, July 17, 2019

Medico Inc. S3 Exposure Exposes Nearly 14,000 Records

🏥 UpGuard discovered an open Amazon S3 bucket operated by Medico Inc. that exposed nearly 14,000 files (~1.7 GB), including medical records, explanations of benefits, legal documents, and financial PII such as SSNs and bank account details. The bucket was identified on June 20, 2019 and secured within hours after notification. Exposed items also included internal spreadsheets containing account credentials and passwords, plus scanned checks and unredacted treatment notes. The incident highlights common cloud misconfigurations and the need for stronger vendor controls and data-handling processes.


Sat, September 2, 2017

Exposed S3 Bucket Leaked Thousands of TigerSwan Resumes

🔓 UpGuard discovered an Amazon S3 bucket publicly exposing 9,402 TigerSwan job applications and resumes, many containing sensitive personal details and hundreds of claims of Top Secret/SCI clearances. The repository, last updated in February 2017 and attributed by TigerSwan to a terminated recruiting vendor, included names, addresses, contacts, passport and partial Social Security numbers, and driver’s license data. UpGuard notified TigerSwan in July 2017; after follow-ups the files were secured on August 24, highlighting the risks of cloud misconfiguration and third-party vendor practices.
