sb-nz logo
Story image

1.5 billion confidential data files publicly available - that's more than 12 petabytes of data

06 Apr 2018

Credit card data, medical records, payroll data, intellectual property and tax information are all available publicly online with no data protection whatsoever – and the scale of the problem is huge.

UK-based security firm Digital Shadows detected more than 1.5 billion publicly available files across the internet in the first three months of 2018 – accounting for more than 12 petabytes of exposed data.

What is causing such a large amount of exposed data? Third parties and contractors were the most common sources of sensitive data exposure.

“A shocking amount of security assessment and penetration tests was discovered. In addition, Digital Shadows identified consumer back up devices that were misconfigured to be Internet-facing and inadvertently making private information public.”

Most of the exposed files were stored across Amazon Simple Storage Service (S3) buckets, File Transfer Protocol (FTP) servers, misconfigured websites, Network Attached Storage (NAS) drives, rsync and Server Message Block (SMB) servers.

While AWS’ S3 servers have gained attention for being insecurely misconfigured, they were not the most insecure locations in Digital Shadows’ study.

Older technologies that are widely used were more likely to be exposed. 33% of exposed data came from SMB, 28% came from rsync and 26% came from FTP. Only 7% of exposed data came from S3 buckets.

“While we often hyperfocus on responding to adversaries conducting intrusions into our environments and silently exfiltrating our data, we aren’t focusing on our external digital footprints and the data that is already publicly available via misconfigured services,” comments Digital Shadows chief information security officer Rick Holland.

Those insecure locations are exposing a number of different types of data. Payroll and tax return files accounted for 700,000 and 60,000 files respectively – the two most common forms of exposed data.

There were also 14,687 cases of leaked contact information, and 4548 patient lists.

“The volume of this sensitive data exposure should be a major cause for concern for any security and privacy conscious organisation,” Holland says.

Intellectual property was also left sitting publicly exposed on many servers – even though it is amongst the most precious data organisations can control, according to Digital Shadows.

In one case, Digital Shadows discovered a ‘strictly confidential’ patent summary for renewable energy. In another case, a document with proprietary source code as part of a copyright application was also exposed.

“This file included the code that outlined the design and workflow of a site providing software Electronic Medical Records (EMR), as well as details about the copyright application,” Digital Shadows says.

Holland says this is a timely warning for organisations that must comply with breach notification and data privacy laws, such as the European Union’s GDPR.

Story image
Kaseya announces unified RMM solution
The new unified remote monitoring and management solution is a major component of Kaseya VSA.More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More
Story image
APAC secure content management market to hit $2.2 billion by 2024
The proliferation of cloud-based deployments will largely drive this, the report says, as the COVID-19 pandemic motivates more enterprises to move their workloads to the cloud and rely more on the internet. More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
CompTIA forms Cybersecurity Advisory Council, led by 16 security execs
The new body will be co-chaired by Tech Data director of security solutions Tracy Holtz, and Alvaka Networks chief operating officer and chief information security officer Kevin McDonald.More
Story image
The current state of ransomware — and its future
Discoveries made by analysts at Sophos have unearthed a new development: ransomware code appears to have been shared across ‘families’, and some of the ransomware groups seemed to work in collaboration more than in competition with one another. More