Security Expert Re: 13 Million Records Leaked By Fox News

A configuration error exposed millions of internal records at Fox News.

Expert Comments

April 08, 2022
Willy Leichter
CMO
LogicHub

Unfortunately, we’ve seen this movie play out many times before. Developers are notorious for thinking that security rules don’t apply to them, or that their processes are somehow isolated from hacking. Using real or realistic data at scale is an important test for most systems before they go live. But this is where we see developers get careless, or simply disregard security best practices. The almost 13 million records exposed could have fit on a single USB stick, and the data was likely shared by multiple developers – who probably felt password protection was a hassle.

We also don’t know whether the data was actually stolen but should assume it was. Research has shown that a new, unprotected server spun up on AWS will be scanned by hackers in less than 10 minutes. If a researcher found this database unprotected, we should assume that the army of hackers has already found and exploited it.
 
While this kind of negligence is common, and probably accidental, it’s also inexcusable, and usually indicates poor security controls in the organization responsible for the data. But until we have serious penalties for this type of accidental breach, we’ll see this again, and again…
