According to the security researchers at UpGuard, an Australian IT company based in the US, the Pentagon is the latest to have made the error of exposing large amounts of sensitive data to the public. Amazon recently added indicators and other measures to make it patently clear that S3 server data is publicly accessible. The data from only one bucket is estimated to contain 1.8 billion posts gathered over a period of eight years.
As numerous posts come from within America, UpGuard says the data collection "raises serious concerns about the extent and legality of known Pentagon surveillance against USA citizens".
The data was apparently collected by a now-defunct "VendorX", which UpGuard said shows third-party vendor risks that could impact even the "highest echelons of the Pentagon". What that means is that anyone with a free Amazon AWS account could access the data.
Pokémon GO Global Catch Challenge Could Bring Farfetch'd To Everyone
The Pokemon Go Travel event is tasking players around the world with catching three billion Pokemon in one week. Once unlocked, rewards will last until 1pm PT on December 1st.
The three buckets had the subdomain names "centcom-backup", "centcom-archive", and "pacom-archive", which provide an indication of what they signify. Given the enormous size of these data stores, a cursory search reveals a number of foreign-sourced posts that either appear entirely benign, with no apparent ties to areas of concern for USA intelligence agencies, or ones that originate from American citizens, including a vast quantity of Facebook and Twitter posts, some stating political opinions.
This was discovered by UpGuard security researcher Chris Vickery. Numerous posts captured from Facebook or Twitter seem to be political commentaries made by American citizens or other benign posts with no value for national security. It's hard to say, though, if the data had previously been accessed. This suggests the information may have been collected for surveillance purposes.
Even intelligence gatherers aren't immune to making mistakes that leave data wide open. It's unclear how long these servers have been unsecured. It's not clear whether or not these changes are a direct response to UpGuard's findings and the Pentagon data leak, or if this last event was merely the last straw that prompted Amazon to take action after multiple such leaks came to light in the past few months. It didn't make the storage servers private.
- The Title and Cast of Fantastic Beasts Sequel Have Been Revealed
- James McClean Praised By Anti-Racism Organisation For Revealing Christie Abuse
- William Hill boosted by strong online numbers
- West Brom sack manager Pulis after poor run
- APPLE CUP: Different stakes for Cougs, UW
- Gilead Sciences, Inc. (GILD) is WestEnd Advisors LLC's 10th Largest Position
- Armie Hammer Blasts Oscars' 'Two Standards' for Casey Affleck and Nate Parker
- 5-star C Bol Bol picks OR over Kentucky
- Claudio Ranieri ready to battle Carlo Ancelotti, Max Allegri for Italy job
- Pittsburgh police issue warrant for suspect in shooting of rookie officer