Connect with us

Hi, what are you looking for?

Tech & Science

V Shred exposes 1 million files with open S3 bucket (Includes interview)

With the incident, a misconfigured AWS S3 bucket at V Shred, is repored by ZDNet, to have exposed more that one million files, including persoanl data relating to some 99,000 people associated with the fitness brand’s customers. This arose because the AWS bucket was completely opened to the public.

Concerns with the type of data that has been exposed have been picked up by Balbix CTO Vinay Sridhara. The analyst is concerned with one of the responses from V Shred about the exposed data not being seen as important. Sridhara explains that just because information does not “seem” important this does not mean that the data cannot be used by hackers.

Sridhara says this is down to the nature of the environment within which the data was held: “The challenge of cloud environments is that the chance of misconfigurations greatly increases, and many organizations assume that major third-party providers have strong default security standards.”

Sridhara clarifies: “Combined, these factors often lead to lax security in cloud environments. In the case of V Shred, the S3 bucket was left completely open to public access and included identifiers in the URL that made user information easily identifiable. Perhaps even more concerning is that V Shred responded to the vulnerability by saying they it was necessary to have the files open and that no personal identifiable information was exposed.”

With this point, Sridhara notes: “Though some information may seem “harmless,” any compromised data can increase the chances of a highly targeted (and effective) phishing scheme, making it easier for hackers to track and compromise people online. Only implementing security measures that can monitor risk in cloud environments will ensure that the public is fully protected.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

The coin's design includes the psychedelic 'magic piano' featured in the 1967 Magical Mystery Tour film - Copyright Royal Mint/AFP -There are few accolades...

Business

Can anyone remember the world before AI tools? Since the fateful launch of ChatGPT in November of 2022, the world has forever changed.

Business

US President-elect Donald Trump said Elon Musk would lead an efficiency drive under his new administration. — © AFP/File Kena BetancurThe Department of Government...

World

The Bahamas on Thursday said it had rejected a proposal from the incoming Trump administration to take in deported migrants.