A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered. For background, a random scan for server vulnerabilities led to the discovery of the wide-open S3 bucket on October 12, 2020. The company itself appeared to be shuttered, with an invalid contact email and its website offline, but Website Planet contacted AWS two days later and the issue was eventually remediated. There were 80,000 or so images of personal identification cards such as driver’s licenses, and 10,000 fingerprint scans included in the millions of files found in the database
Experts Comments
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Chris DeRamus , VP of Technology Cloud Security Practice, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organizations should take the appropriate security measures, such as security automation, to ensure that data is protected at all times...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/unprotected-s3-buckets-results-in-over-80000-id-cards-and-fingerprint-scans
Facebook Message
@Chris DeRamus , VP of Technology Cloud Security Practice, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organizations should take the appropriate security measures, such as security automation, to ensure that data is protected at all times...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/unprotected-s3-buckets-results-in-over-80000-id-cards-and-fingerprint-scans