With so much sensitive data lying around on unsecured databases, it’s only a matter of time before an epic leak is discovered – and unfortunately, security researchers have come across a real doozy.
We predicted in a previous blog that it wouldn’t be long until the first cyber incident of 2020, and 14 days into a new decade, here we are. It’s been revealed that highly sensitive details – including British passports, tax documents, and signatures – were recently found on a completely unsecured Amazon Web Services (AWS) database.
Personal information belonging to thousands of Brits had been left unsecured in Amazon’s cloud for years, and this has only recently been brought to light when it was discovered by two security researchers during a data mapping project.
Who Found the Leak?
We can thank researchers working on behalf of vpnMentor – Noam Rotem and Ran Locar – for locating this recent data leak. If their names seem familiar, that’s because last year they hit headlines for finding the personal details of millions of Ecuadorian citizens on an unsecured cloud server. They also discovered millions of private messages leaked in exactly the same way, this time by an American communications company. Now, it seems, it’s our turn.
What Did They Find?
Rotem and Locar uncovered the AWS S3 database and were able to see all the files held within it, including thousands of scans of British passports, tax documents, background checks, national insurance numbers, signatures, salary info, personal emails, and more. Paired with this was a huge range of personally identifiable info, such as names, phone numbers, DOB’s, NI numbers, addresses – basically everything a fraudster could possibly need.
“It’s everything you’d need to steal someone’s identity, to open a bank account in their name, or a lot of other malicious things,” Rotem said to wired.co.uk
Who’s to Blame?
Fear not, Amazon Prime users and The Marvellous Mrs Maisel fans: Amazon itself isn’t to blame here. AWS offers users very simple ways to secure S3 data, such as setting data to private or adding authentication protocols to avoid access by unauthorised parties. In fact, AWS S3 is secured by default, so for a leak like this to occur, the account owner would need to go out of their way to make the data public. It’s still unknown why the user in question didn’t take basic precautions, instead allowing anyone with a regular web browser to access sensitive info.
The real culprit behind this leak remains unknown and hasn’t been revealed by Amazon. What we do know is that the data was related to several HR consultancy companies, the majority of which have now gone out of business. Despite the info being dated from 2011-2015, it could still be very valuable to cyber criminals given the sheer volume of it and the private details it includes. vpnMentor has since contacted Amazon, which has ensured the data is now out of the reach of nefarious parties.
If you’d like to know more about how to secure your data and keep cyber criminals at bay, please contact a member of our dedicated team.