One more data security incident alerted the news world. However this one seems more alarming than other breaches as it directly affects many client firms. Some of the victims include Fortune 100 companies, such as Netflix, Ford, TD Bank, and others. Allegedly, an Israel-based firm Attunity inadvertently exposed a terabyte of sensitive information contained in unsecured cloud storage buckets. This Attunity data leak incident supposedly compromised sensitive business documents and email backups.
Attunity Data Leak Via Amazon S3
Researchers from UpGuard found some unsecured Amazon S3 buckets belonging to an Israel-based firm Attunity exposing huge datasets online. The exposed data included business documents, email backups, and other sensitive information relating to the firm’s clients. The researchers have reported about this Attunity data leak in a blog post.
As elaborated, researchers found three Amazon S3 buckets publicly exposing the datasets. Entitled “attunity-it”, “attunity-patch” and “attunity-support”, the data buckets hinted about their ownership to Attunity. Among these, the one named “attunity-it” seemed the oldest one containing a “bulk of sensitive data” dating back to September 2014.
Digging further enabled the researchers to find customer data, system credentials, and system information within the databases. For instance, they shared some samples belonging to Ford, Netflix, and TD Bank. Likewise, they could also access system credentials that risked the integrity of those systems.
Similarly, they also found email backups within the data buckets. Some of the emails also exposed system information and user credentials with passwords in plain text.
Furthermore, the unprotected S3 buckets also leaked details regarding system information and explicit personal information of employees. While sharing a sample regarding the exposed personal data, they explained,
The example… had 354 rows and included columns for ID, Employee, Actual / Forecast/Commit, Benefit Code, G/l account, Entity, Department, Location, Operation, Role, Active, Full Name, First name, Last name, Employee ID, Payroll ID, Date of hire, Job title, Direct manager, %, Local Currency, Salary 2015, Salary 2016, Company car value /Allowance, On target commission, Pro rated commission 2016, On target bonus, vacation days, Options Grant, RSUs Grant, Prior Notice, Recruitment fee, License Quota 2016, Key employee, Date of birth, Senior management, Zviran Code, OB VAC 1#1#15, Salary 2014, Date of termination, Travel budget 2016, updated salary 2016, Recruitment booked, and Attachments.
Databases Now Offline
The UpGuard team caught the unsecured Amazon S3 buckets on May 13, 2019. They then notified the firm about the incident on May 16, 2019. While the firm, following their report, and secured their databases, this doesn’t lower the risks associated with the incident. According to UpGuard,
Attunity’s business is to replicate and migrate data into data lakes for centralized analytics. The risks to Attunity posed by exposed credentials, information, and communications, then are risks to the security of the data they process. While many of the files are years old, the bucket was still in use at the time detected and reported by UpGuard, with the most recent files having been modified within days of discovery.
In May, UpGuard researchers also highlighted a sensitive data leak incident at HCL Technologies owing to a glitch.
Let us know your thoughts in the comments.