Articles about s3

Web doc iCliniq plugs leaky S3 bucket stuffed full of medical records

Exclusive Online medical consultation service iCliniq left thousands of medical documents in a publicly accessible Amazon Web Services S3 bucket. iCliniq locked down the online silo earlier this week only after the slip-up was brought to its attention by German security researcher Matthias Gliwka. He approached El Reg after failing to …
John Leyden, 3 Aug 2018

Who's leaving Amazon S3 buckets open online now? Cybercrooks, US election autodialers

Security biz Kromtech has unearthed two more embarrassing – and potentially dangerous – cases of groups leaving mass data caches unguarded on the public internet. In the first case, the culprit was an improperly configured AWS S3 bucket owned and operated by Robocent, a political robocalling company based in Virginia Beach, VA …
Shaun Nichols, 18 Jul 2018

Millions of scraped public social net profiles left in open AWS S3 box

US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from public Facebook, LinkedIn and Twitter profiles – available to be viewed by anyone who stopped by. Security biz Upguard wandered by on February 18, and found the publicly accessible files in a …
Thomas Claburn, 19 Apr 2018
Woman accidentally kicks over bucket of popcorn in cinema

From Bangkok to Phuket, they cry out: Oh, Bucket! Thai mobile operator spills 46k people's data

TrueMove H, the biggest 4G mobile operator in Thailand, has suffered a data breach. Personal data collected by the operator leaked into an Amazon Web Services S3 cloud storage bucket. The leaked data, which includes images of identity documents was accessible to world+dog before the mobile operator finally acted to restrict …
John Leyden, 13 Apr 2018
Someone in an Uber ride

Uber hid database hack from FTC while FTC probed Uber for an earlier database hack

Uber hid a database hack from America's Federal Trade Commission (FTC) while the very same watchdog was investigating Uber for a separate database hack, it was revealed on Thursday. The taxi app maker reached a settlement with the FTC in August 2017 after the biz allegedly "deceived consumers about its privacy and data …
Kieren McCarthy, 12 Apr 2018
Cloudy shopping trolley in the sky (representing cloud sales/procurement). Photo by Shutterstock

AWSome, S3 storage literally costs pennies

AWS is letting punters store objects in S3 for $0.01 per GB per month. The catch? The data will be held in one availability zone, meaning there is less resiliency baked into the service in the event of an outage. Users' object storage data is kept in virtual repositories called S3 buckets. These are physically stored in AWS …
Chris Mellor, 5 Apr 2018
Man reading newspaper with glasses on his head

Guys, you're killing us! LA Times homicide site hacked to mine crypto-coins on netizens' PCs

A Los Angeles Times' website has been silently mining crypto-coins using visitors' web browsers and PCs for several days – after hackers snuck mining code onto its webpages. The newspaper's IT staffers left at least one of the publication's Amazon Web Services S3 cloud storage buckets wide open to anyone on the internet to …
Shaun Nichols, 22 Feb 2018

Oh, Bucket! AWS in S3 status-checking tool free-for-all

Amazon Web Services has signalled it's still worried about poorly configured buckets in its Simple Storage Service (S3) by making one of the tools to manage them free. AWS suffered last year after a rash of data leaks caused by customers who had improperly configured their S3 storage. It's an easy mistake to make because the …
Simon Sharwood, 21 Feb 2018
passport

When it absolutely, positively needs to be leaked overnight: 120k FedEx customer files spill from AWS S3 silo

Another day, another unsecured Amazon Web Services S3 storage bucket spilling secrets onto the public internet. This time it's a misconfigured AWS cloud silo belonging to FedEx, which openly exposed an archive of more than 119,000 scanned documents – including passports and drivers licenses – plus customer records including …
Iain Thomson, 15 Feb 2018
hacker

NSA code backported, crims cuffed, leaky AWS S3 buckets, and more

Roundup Here's a roundup of this week's security news, beyond what we've already covered, to kickstart your weekend. You dirty RAT Scumbags could, once upon a time, buy a remote access trojan called Luminosity Link for about $40, and get a piece of malware that, when installed on victims' PCs, would spy on their activities, disable …
Iain Thomson, 10 Feb 2018
bucket

Good news: unsecured S3 bucket discovery just got easier

If you thought the business of discovering unsecured Amazon Web Services S3 buckets was for the pros, think again: like all things, the process can be automated, and the code to automate it posted to GitHub. It's not a new discipline – quickly Googling GitHub for S3 bucket enumeration turns up more than 1,000 results, but the …

US credit repair biz damages own security: 111GB of personal info exposed in S3 blunder

The National Credit Federation, a US credit repair biz, left 111GB of thousands of folks' highly sensitive personal details exposed to the public internet, according to security researchers. In yet another AWS S3 configuration cockup, Americans' names, addresses, dates of birth, photos of driver licenses and social security …
Iain Thomson, 2 Dec 2017
army

Massive US military social media spying archive left wide open in AWS S3 buckets

Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest. The archives were found by UpGuard's veteran security-breach …
Iain Thomson, 17 Nov 2017
ABC logo

Australian Broadcasting Corporation leaks passwords, video from AWS S3 bucket

The Australian Broadcasting Corporation (ABC) has joined the long list of organisations to leak sensitive data from a poorly secured public-facing Amazon Web Services S3 bucket. Security outfit Kromtech's chief communications officer Bob Diachenko on Thursday revealed today that the company “identified a trove of data that is …
Simon Sharwood, 16 Nov 2017
Amazonian_rainforest

Back up bod Druva paddles even further up the Amazon

+Comment Druva has nabbed a new Druva Cloud Platform (DCP) service gig for protecting, governing and looking into data in Amazon Web Services' Elastic Compute Cloud (EC2), Simple Storage Service (S3), Elastic Block Store (EBS), and the Relational Database Service (RDS). DCP is delivered as-a-service, working across AWS IaaS and PaaS …
Chris Mellor, 13 Nov 2017
A revolving door

Nutanix builds doorway to multiple compute and object storage services

.NEXT Nutanix has a one click, one OS, any cloud concept with new services to virtualise compute and object storage across multiple clouds – both on-premises and public ones. This assumes that on-premises IT is running public cloud style, of course. The company's view is that almost everything is being digitised, and that should …
Chris Mellor, 8 Nov 2017
Murmuration

Feasting on Azure blobs: Caringo and Scality are doing it

Both Caringo and Scality are adding S3 gateways between their object storage and Microsoft's Azure Blob storage. This is a bit old hat really – startup NooBaa provided an S3 frontend to Azure Blobs (Microsoft's form of object storage) in November last year, with a February 2017 ship date. You can download it here. Anyway, …
Chris Mellor, 27 Sep 2017

Guess – go on, guess – where a vehicle tracking company left half a million records

A US outfit that sells vehicle tracking services has been accused of leaving more than half a million records in a leaky AWS S3 bucket. The Kromtech Security Centre, which has made belling this particular cat its hobby, says it found a total of 540,642 ID numbers associated with SVR Tracking, an outfit that uses GPS devices to …

Create a news alert about s3, or find more stories about s3.

Biting the hand that feeds IT © 1998–2018