Unprotected S3 Buckets Results In Over 80,000 ID Cards And Fingerprint Scans

By   ISBuzz Team
Writer , Information Security Buzz | Nov 20, 2020 12:11 am PST

A US-based used electronics retailer has exposed over 2.6 million files, including ID cards and biometric images, after a misconfigured AWS S3 bucket was discovered. For background, a random scan for server vulnerabilities led to the discovery of the wide-open S3 bucket on October 12, 2020. The company itself appeared to be shuttered, with an invalid contact email and its website offline, but Website Planet contacted AWS two days later and the issue was eventually remediated. There were 80,000 or so images of personal identification cards such as driver’s licenses, and 10,000 fingerprint scans included in the millions of files found in the database