Researchers with Safety Detectives have warned of a huge data leak which exposes IDs of airport security workers across South America. The research team found an AWS S3 bucket exposed, without any authentication required, containing PII of Securitas and airport employees dating back to November 2018. Safety Detectives have claimed the S3 bucket contained around 1.5 million files. In other words, this is a non-trivial leak.
Yan Michalevsky, CTO and Cofounder, Anjuna Security:
“One of the issues organizations are facing is dealing with the large attack surface where they currently need to secure their entire infrastructure or cloud deployment in order to protect the crown jewels. Confidential Computing can turn the table on attackers, decoupling application security from infrastructure security, and narrowing down the perimeter such that attacks as this one could be prevented.”
This is a huge leak and the full impact isn’t yet known. But it’s likely to be devastating to both the individuals who had their personal information leaked, and to anything associated with Securitas. Companies need to do better on this front because once this data is out there, there’s no going back.
Like this:
Like Loading...
Related
This entry was posted on February 4, 2022 at 7:23 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Massive Data Leak Exposed By Researchers
Researchers with Safety Detectives have warned of a huge data leak which exposes IDs of airport security workers across South America. The research team found an AWS S3 bucket exposed, without any authentication required, containing PII of Securitas and airport employees dating back to November 2018. Safety Detectives have claimed the S3 bucket contained around 1.5 million files. In other words, this is a non-trivial leak.
Yan Michalevsky, CTO and Cofounder, Anjuna Security:
“One of the issues organizations are facing is dealing with the large attack surface where they currently need to secure their entire infrastructure or cloud deployment in order to protect the crown jewels. Confidential Computing can turn the table on attackers, decoupling application security from infrastructure security, and narrowing down the perimeter such that attacks as this one could be prevented.”
This is a huge leak and the full impact isn’t yet known. But it’s likely to be devastating to both the individuals who had their personal information leaked, and to anything associated with Securitas. Companies need to do better on this front because once this data is out there, there’s no going back.
Share this:
Like this:
Related
This entry was posted on February 4, 2022 at 7:23 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.