01/25/2020, 12:28 a.m.
Note: We used commission links in this article and marked them with “*”. If an order is placed via these links, t3n.de receives a commission.
Sensitive data from Amazon’s AWS cloud service was accessible to everyone via Github for five hours. Among them were various passwords and key pairs.
Nightmare for Amazon’s cloud service AWS (Amazon Web Services): A technical employee of the platform has published sensitive data on Github on a large scale. The package included various passwords and AWS key pairs and private keys, which third parties could use to gain access to AWS services. The IT security company Upguard reportedly discovered the data leak after half an hour and alerted AWS Security. After five hours, the data had been deleted from the Github repository.
AWS data leak: passwords and keys
The bundle of data – the downloaded zip file was 954 megabytes in size, according to Upguard – contained not only the passwords and keys, but also numerous AWS documents and log files that could be used to identify customers of the AWS employee. With the passwords and keys, potential attackers could have given root access to the AWS accounts of affected customers. Authentication tokens and API keys for third-party providers, such as email accounts, were also found.
Documents with sensitive data from AWS customers, such as bank statements, emails or personal documents, including a driver’s license, were also not intended for the eyes of third parties. According to Upguard, these documents could also be used to identify an AWS employee via his LinkedIn profile. Therefore, and because of AWS training documents and documents that Amazon has classified as secret, which can also be viewed in the Github repository, the security researchers assume that an AWS employee is behind the publication.
AWS: access to accounts?
It is not clear whether the temporarily publicly available data has fallen into the wrong hands and whether it has been misused, such as accessing an AWS account. The incident had already taken place on January 13th. The magnitude of the effects of data theft or accidental breakdowns can be seen in the case of a data scandal from the summer of 2019. Back then, a former AWS employee was said to have gained access to data stored in the AWS cloud by over 100 million Bank Capital One customers ,
More on the subject: