Hundreds of gigabytes of emails from Fortune 100 firms exposed online

Image credit: Shutterstock
(Image credit: Shutterstock)

Leaving sensitive information publicly accessible on the web is a recipe for disaster and according to new report from cybersecurity firm UpGuard, that is exactly what the data management company Attunity did for Ford, Toronto-Dominion Bank and its other Fortune 100 clients.

Researchers at UpGuard discovered more than a terabyte of data left unsecured by the company last month on AWS servers which included its own passwords and network information as well as emails and designs from several of its high-profile customers.

As a data custodian, Attunity helps integrate information its clients have stored in various places so that it can be easily analyzed. Despite its status as an “Advanced Technology Partner' of Amazon's cloud division, the company failed to configure its cloud storage correctly and left all of the data it stored visible in plain text similar to how the digital platform Cultura Colectiva left Facebook user data unsecured.

Attunity's data buckets contained files about Ford's internal project plans as well as TD Bank invoices, agreements between it and the the company as well as files related to the type of technology solution Attunity was configuring for the bank.

Unsecured servers

While client files were exposed as a result of the incident, a large collection of Attunity's own files pertaining to administrative and employee passwords to a number of systems, extensive employee email backups, a roadmap to the company's virtual network and even personal information about its own employees.

According to UpGuard, the widespread presence of login credentials could have led to a sizable data leak had it not informed the company about its discovery. Luckily though, the firm found no evidence that any bad actors had taken advantage of the information while it was accessible online.

After UpGuard informed Attunity about the incident, the company removed public access to the data buckets. However, several weeks passed before it asked the security firm more detailed questions about the data exposure.

In a blog post detailing its findings, UpGuard stressed that misconfigurations of cloud storage can lead to catastrophic damage to a company, saying: 

“Attunity’s business is to replicate and migrate data into data lakes for centralized analytics. The risks to Attunity posed by exposed credentials, information, and communications, then are risks to the security of the data they process. While many of the files are years old, the bucket was still in use at the time detected and reported by UpGuard, with the most recent files having been modified within days of discovery. 

“The chain of events leading to the exposure of that data provides a useful lesson in the ecology of a data leak scenario. Users’ workstations may be secured against attackers breaking in, but other IT processes can copy and expose the same data valued by attackers. When such backups are exposed, they can contain a variety of data from system credentials to personally identifiable information. Data is not safe if misconfigurations and process errors expose that data to the public internet.”

Via Financial Post