Leaky S3 buckets have gotten so common that they're being found by the thousands now, with lots of buried secrets

Leaky S3 buckets have gotten so common that they're being found by the thousands now, with lots of buried secrets

The massive amounts of exposed data on misconfigured AWS S3 storage buckets is a catastrophic network breach just waiting to happen, say experts.


The team at Truffle Security says its automated search tools were able to stumble across some 4,000 open Amazon S3 buckets that included data companies would not want public, things like login credentials, security keys, and API keys.


In fact, the leak hunters say that the exposed data was so common, they were able to count an average of around 2.5 pieces of 'secret' data in each file they analyzed. In some cases, more than 10 secrets were found in a single file. These included SQL Server passwords, Coinbase API keys, MongoDB credentials, and logins for other AWS buckets that actually were configured to ask for a password.


That ..

Support the originator by clicking the read the rest link below.