Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Amazon Announces a Security Change That May Help Companies Using AWS to Avoid Data Breaches

Fortune: “Amazon is finally offering a simple way for its cloud services customers to lock down data stored at its Simple Storage Service (S3) with one fell swoop. This change should help companies in the Fortune 500 and mom-and-pops down the street avoid embarrassing breaches of data. Customers of Amazon Web Services (AWS) routinely leave private files available for public consumption. That’s led to routine, sometimes costly situations for companies that find hackers or security researchers have retrieved customer information, databases containing user passwords, or even proprietary company secrets. That includes the global consulting and management firm Accenture, which in October 2017 left four of its S3 storage areas, known as “buckets,” open to public examination and download. Over 137 gigabytes of data could have been retrieved, including 40,000 unencrypted passwords. Accenture’s cloud platform, hosted on Amazon’s services, include 92 of the Fortune Global 100 and three-quarters of the Fortune Global 500. A security researcher discovered the public data and informed Accenture…”

Sorry, comments are closed for this post.