Public S3 Bucket Leaks 2 Billion Records—Defenders Must Secure Cloud Storage

An Amazon Web Services S3 bucket was mistakenly configured to allow public write access, turning it into an open data dump. An independent security researcher discovered the bucket, downloaded roughly 2 billion personal records—including health information, bank details, and other sensitive data from multiple enterprise customers—and responsibly disclosed the issue to the affected firms and AWS.

The breach exposes massive regulatory, financial, and reputational risks for the compromised organizations and highlights a common cloud‑security blind spot. Defenders must enforce strict bucket policies, implement automated misconfiguration scanning, and continuously monitor access logs to prevent publicly writable storage from becoming a data‑leak vector.

Categories: Data Breaches, Cloud & SaaS Security, Data Protection & Privacy

Source: Read original article