Worldwide customers' data exposed due to cloud storage server not secured with a password

Synopsis

In February 2018, security researchers found over 100,000 documents containing highly personal information and including passports, driving licences and security IDs completely accessible to the public in an unsecured Amazon S3 bucket. Like far too many other breaches involving unsecured cloud buckets, the attackers were not even asked for a password to gain access to the sensitive data.

The company said there was no indication the data had been misappropriated.

The problem seemed to stem from a third party company called Bongo International LLC, which was shut down in 2017. Security researcher Bob Diachenko said: “Technically, anybody who used Bongo International services back in 2009-2012 is at risk of having his or her documents scanned and available for many years”.

Free consultation

Want to discuss this case? We're offering a FREE 20 minute phone consultation with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:

Companies

  • Bongo International LLC
  • FedEx Corporation
  • FedEx Cross-Border International

We've done the analysis so you can make the decisions

$489.99
When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here