All news with #booz allen hamilton tag

Exposed NGA Data Linked to Booz Allen S3 Misconfiguration

🛡️ UpGuard analyst Chris Vickery discovered a publicly exposed S3 file repository containing credentials and SSH keys tied to systems used by US geospatial intelligence contractors. The plaintext data included access tokens and administrative credentials that could enable entry to systems handling Top Secret-level data. NGA secured the bucket rapidly after notification; Booz Allen Hamilton responded later. UpGuard preserved the dataset at government request.

Public S3 Exposure Tied to Booz Allen and NGA Incident

🔒 UpGuard’s Cyber Resilience Team discovered a publicly exposed Amazon S3 repository containing plaintext SSH keys and administrative credentials tied to a Booz Allen engineer and contractor metadata pointing to NGA‑related projects. After initial notification to Booz Allen, UpGuard escalated the issue to the NGA, which secured the repository within minutes. Booz Allen acknowledged the report later that day, and UpGuard preserved the downloaded dataset at the government’s request. The incident highlights the real‑world risk of simple misconfiguration and third‑party vendor security posture.