As Gizmodo and other news outlets are reporting, 12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach. While AWS misconfigs seem to make the news regularly, this event is a bit different – social media celebrities have serious concerns about privacy due to stalking/cyberstalking, and often don’t have the protections that other forms of celebrity often afford. The majority of those whose contact details have been leaked are women. IT security experts commented below.
Mounir Hahad, Head of Threat Research at Juniper Network:
“The attack surface online cloud services present is huge and attractive to hackers for several reasons:
- The trend toward cryptocurrency mining as a source of revenue needs massive amounts of computing resources. Cloud compute farms are a concentration of this commodity.
- Many enterprises are newly embracing the cloud every day, which means their level of comfort and expertise with its configuration is still low and opportunities for exploiting a misconfiguration are abundant.
- IT staff responsible for managing cloud computing accounts are overwhelmed and quite often end up delegating responsibilities to end-users who are superficially trained in running the cloud setup. This again leads to a lot of misconfigurations, ports open to the internet that shouldn’t be, weak passwords used, vulnerable web servers or database servers installed and left unpatched.
“Unfortunately, these misconfigs are a conduit for hackers to get into the network and steal sensitive information, which may end up in a demand for ransom or sold to the highest bidder on the dark web.
“The victims can rarely do anything to protect themselves against such information leaks short of not putting any of their information in any online service. It’s up to the services that are entrusted with that information to make sure there is a high maturity level with using cloud services by everyone on their staff. It only takes one mistake by one employee using an AWS bucket to transfer a big file for something to go horribly wrong.”
John Gunn, CMO at VASCO Data Security:
“This compromise is unique in that smaller breaches and data losses don’t usually make the news. For every small one like this, there are a thousand more that go unreported and unknown, but the threat to the account holders is just as big. Any account not protected by multifactor authentication should be considered already exposed.”