Cloud services are playing a crucial role in guaranteeing business continuity during this complicated period. SaaS applications and IaaS services have extended the corporate perimeter, allowing a nearly completely remote workforce to access their data from virtually any place.
Without considering the security implications for the endpoint (a topic that would deserve an entire blog post of its own), this process has revealed an increasingly common threat: the risk of misconfigurations leaking the data stored in the cloud to the entire planet. Poor security procedures, lax default settings, and the mindset of too many users and administrators, which is still “on-premise”, are common causes of cloud leaks.
Over the last few years there have been multiple examples of leaky cloud services exposing millions of user records (with easily predictable consequences for the privacy of the unaware victims), or even fueling other attacks, as in the case of the two Magecart campaigns carried out by compromising the AWS S3 buckets hosting the targeted sites’ configuration files.
And although AWS S3 is the service that most commonly leaks data, it’s not the only one, as you will notice. Last but not least, I will keep this list updated as new cloud breaches are revealed during 2021.
As always, thanks for sharing and supporting my work in spreading risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn.

| ID | Date Reported | Date Discovered | Company | Description | Cloud Service | Data Exposed | Country |
|---|---|---|---|---|---|---|---|
| 1 | 04/01/2021 | 1/4/2021 | Nissan North America | The source code of mobile apps and internal tools developed and used by Nissan North America leaks online after the company misconfigured one of its Git servers. | BitBucket | Source code of mobile apps and internal tools | US |
| 2 | 14/01/2021 | 18/8/2020 | Juspay | The data of 35 million users from Juspay goes on sale on the dark web. | AWS S3 | 35 million users | IN |
| 3 | 15/01/2021 | 9/12/2020 | CHS Consulting | Thousands of UK business professionals have had their personal details exposed online via a leaky Amazon Web Services bucket. | AWS S3 | 1000s of personal documents including passports. | UK |
| 4 | 19/01/2021 | 10/13/2020 | Fleek | A cloud misconfiguration at a now-defunct social media app has exposed hundreds of thousands of files, including explicit photos of users that they thought had been deleted. | AWS S3 | 32 Gb (377,000 files) | US |
| 5 | 19/01/2021 | During December 2020 | Nohow International | An unsecured Microsoft Azure Blob leaks deeply sensitive documents of more than 12,000 construction workers, including scans of passports, national IDs, birth certificates, and tax returns. | Microsoft Azure | Sensitive documents of more than 12,000 construction workers | UK |
| 6 | 20/01/2021 | – | Pixlr | ShinyHunters shares a database that he claims was stolen from Pixlr while he breached the 123rf stock photo site. Pixlr and 123rf are both owned by the same company, Inmagine. | AWS S3 | 1.9 million user records | US |
| 8 | 24/01/2021 | – | MeetMindful | The hacking group ShinyHunters leaks personal information of over 2 million MeetMindful users. | AWS S3 | 2.8 million user records | US |
| 9 | 29/01/2021 | 01/12/2020 | Imobiliare | The largest real estate portal in Romania, Imobiliare, suffers a data breach after a bucket was found to be exposed, without password protection or encryption. | AWS S3 | 201,087 files belonging to 200,000 people | RO |
| 10 | 01/02/2021 | 20/11/2020 | Confédération Européenne de Volleyball (CEV), or European Volleyball Confederation | A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. | Microsoft Azure | Images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. | EU |
| 11 | 17/02/2021 | 16/02/2021 | Amber Group | A security lapse by a Jamaican government contractor exposes immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. | AWS S3 | 70,000 negative COVID-19 lab results, over 425,000 immigration documents, and over 250,000 quarantine orders dating back to June 2020 | |