In September 2017, a security researcher discovered hundreds of gigabytes of sensitive client and company data exposed when the consulting giant accidentally left four of its AWS S3 buckets open to the public.
The unprotected information included secret API data, passwords (in one backup database, nearly 40,000 passwords were stored and the majority were in plain text), certifications, description keys and general customer information. Effectively, anyone with an AWS account could have accessed / downloaded the information with a simple keyword search.
Want to discuss this case? We're offering a FREE 20 minute phone consultation with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you: