According to the security researchers at UpGuard, an Australian IT company based in the US, the Pentagon is the latest to have made the error of exposing large amounts of sensitive data to the public. Amazon recently added indicators and other measures to make it patently clear that S3 server data is publicly accessible. The data from only one bucket is estimated to contain 1.8 billion posts gathered over a period of eight years.
As numerous posts come from within America, UpGuard says the data collection "raises serious concerns about the extent and legality of known Pentagon surveillance against USA citizens".
The data was apparently collected by a now-defunct "VendorX", which UpGuard said shows third-party vendor risks that could impact even the "highest echelons of the Pentagon". What that means is that anyone with a free Amazon AWS account could access the data.
Gilead Sciences, Inc. (GILD) is WestEnd Advisors LLC's 10th Largest Position
After $0.36 actual EPS reported by Ares Capital Corporation for the previous quarter, Wall Street now forecasts 2.78% EPS growth. Kayne Anderson Capital Advisors Lp sold 21,400 shares as the company's stock declined 6.68% while stock markets rallied.
The three buckets had the subdomain names "centcom-backup", "centcom-archive", and "pacom-archive", which provide an indication of what they signify. Given the enormous size of these data stores, a cursory search reveals a number of foreign-sourced posts that either appear entirely benign, with no apparent ties to areas of concern for USA intelligence agencies, or ones that originate from American citizens, including a vast quantity of Facebook and Twitter posts, some stating political opinions.
This was discovered by UpGuard security researcher Chris Vickery. Numerous posts captured from Facebook or Twitter seem to be political commentaries made by American citizens or other benign posts with no value for national security. It's hard to say, though, if the data had previously been accessed. This suggests the information may have been collected for surveillance purposes.
Even intelligence gatherers aren't immune to making mistakes that leave data wide open. It's unclear how long these servers have been unsecured. It's not clear whether or not these changes are a direct response to UpGuard's findings and the Pentagon data leak, or if this last event was merely the last straw that prompted Amazon to take action after multiple such leaks came to light in the past few months. It didn't make the storage servers private.
- New Brunswick names Zenabis as 3rd supplier of recreational pot
- Pittsburgh police issue warrant for suspect in shooting of rookie officer
- Pitney Bowes Inc. (NYSE:PBI) Declares $0.19 Quarterly Dividend
- Analysts Rating Review: Weatherford International Ltd (WFT)
- Armie Hammer Blasts Oscars' 'Two Standards' for Casey Affleck and Nate Parker
- Boston security guard accused of indecent assault to appear in court
- Kohli reaches milestone in drawn Test
- APPLE CUP: Different stakes for Cougs, UW
- James McClean Praised By Anti-Racism Organisation For Revealing Christie Abuse
- Pokémon GO Global Catch Challenge Could Bring Farfetch'd To Everyone