Hundreds of gigabytes of emails from Fortune 100 firms exposed online
Another misconfigured AWS server leaves company data exposed
Leaving sensitive information publicly accessible on the web is a recipe for disaster and according to new report from cybersecurity firm UpGuard, that is exactly what the data management company Attunity did for Ford, Toronto-Dominion Bank and its other Fortune 100 clients.
Researchers at UpGuard discovered more than a terabyte of data left unsecured by the company last month on AWS servers which included its own passwords and network information as well as emails and designs from several of its high-profile customers.
As a data custodian, Attunity helps integrate information its clients have stored in various places so that it can be easily analyzed. Despite its status as an “Advanced Technology Partner' of Amazon's cloud division, the company failed to configure its cloud storage correctly and left all of the data it stored visible in plain text similar to how the digital platform Cultura Colectiva left Facebook user data unsecured.
- Facebook app data exposed by third-party developers
- US government data leak exposes years of investigations
- Tech Data leaks 246GB of customer data
Attunity's data buckets contained files about Ford's internal project plans as well as TD Bank invoices, agreements between it and the the company as well as files related to the type of technology solution Attunity was configuring for the bank.
Unsecured servers
While client files were exposed as a result of the incident, a large collection of Attunity's own files pertaining to administrative and employee passwords to a number of systems, extensive employee email backups, a roadmap to the company's virtual network and even personal information about its own employees.
According to UpGuard, the widespread presence of login credentials could have led to a sizable data leak had it not informed the company about its discovery. Luckily though, the firm found no evidence that any bad actors had taken advantage of the information while it was accessible online.
After UpGuard informed Attunity about the incident, the company removed public access to the data buckets. However, several weeks passed before it asked the security firm more detailed questions about the data exposure.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In a blog post detailing its findings, UpGuard stressed that misconfigurations of cloud storage can lead to catastrophic damage to a company, saying:
“Attunity’s business is to replicate and migrate data into data lakes for centralized analytics. The risks to Attunity posed by exposed credentials, information, and communications, then are risks to the security of the data they process. While many of the files are years old, the bucket was still in use at the time detected and reported by UpGuard, with the most recent files having been modified within days of discovery.
“The chain of events leading to the exposure of that data provides a useful lesson in the ecology of a data leak scenario. Users’ workstations may be secured against attackers breaking in, but other IT processes can copy and expose the same data valued by attackers. When such backups are exposed, they can contain a variety of data from system credentials to personally identifiable information. Data is not safe if misconfigurations and process errors expose that data to the public internet.”
- Keep your systems and data protected with the best antivirus
Via Financial Post
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.