Massive Data Leak Exposed By Researchers

Researchers with Safety Detectives have warned of a huge data leak which exposes IDs of airport security workers across South America. The research team found an AWS S3 bucket exposed, without any authentication required, containing PII of Securitas and airport employees dating back to November 2018. Safety Detectives have claimed the S3 bucket contained around 1.5 million files. In other words, this is a non-trivial leak.

Yan Michalevsky, CTO and Cofounder, Anjuna Security:

“One of the issues organizations are facing is dealing with the large attack surface where they currently need to secure their entire infrastructure or cloud deployment in order to protect the crown jewels. Confidential Computing can turn the table on attackers, decoupling application security from infrastructure security, and narrowing down the perimeter such that attacks as this one could be prevented.”

This is a huge leak and the full impact isn’t yet known. But it’s likely to be devastating to both the individuals who had their personal information leaked, and to anything associated with Securitas. Companies need to do better on this front because once this data is out there, there’s no going back.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: