To our surprise, the assessment discovered that 60,000 files were on a public access on AWS S3 bucket owned by an intelligence and defense contract of Booz Allen.
![top 10 cloud storage providers 2015 top 10 cloud storage providers 2015](https://www.terrasafe.com/wp-content/uploads/2015/10/cloud-storage-free.jpg)
This incident also highlighted the fact that how alarming is the storage of sensitive info on 3rd party vendor.īooz Allen Hamilton- In this year, technology consulting firm Booz Allen hired UpGuard to carry out security assessment on both its internal and external computer systems. The info included customer phone numbers, their names, and PIN which was alarming as this info can be used by attackers to gain false access to the accounts and get cloned SIMS. ‘Nice’ agreed that the mistake was committed by one of its engineers who reportedly created a cloud-based file repository for storing customers call data which is used by Verizon for backend office and call center operations. Verizon- Nice Systems, which is a 3rd party vendor working for Verizon, committed a configuration blunder on an AWS S3 bucket which exposed names, addresses, account details, and pin numbers of millions of US-based Verizon customers.
![top 10 cloud storage providers 2015 top 10 cloud storage providers 2015](https://launchberg.com/content/images/2020/08/cloud-storage-1.png)
It was revealed in the security analysis that more than 137GB of data was available for public access and some of the data might have been siphoned by hackers to post on the dark web.
![top 10 cloud storage providers 2015 top 10 cloud storage providers 2015](https://www.2daygeek.com/wp-content/uploads/2015/02/top-10-free-cloud-storage-providers-8.png)
The data exposed in this security goof-up were authentication credentials, secret API data, digital certificates, decryption keys, customer data, and other meta info which could be easily used by cyber crooks to mint money. And as a result of this flaw, the data on these storage media was available for download. Accenture- World’s first Cyber Resilience startup UpGuard discovered in its Cyber Risk survey that Accenture left at least 4 AWS S3 storage buckets unsecured.