Cloud Security

Nearly 20 billion files exposed in misconfigured cloud buckets

Nearly 20 billion files, including sensitive credential and database dump files, have been exposed due to misconfigured cloud storage buckets. Mysterium VPN researchers discovered that 535,480 publicly accessible cloud storage buckets across major providers like Amazon S3, Google Cloud, Azure, DigitalOcean, and Alibaba contained these exposed files, accessible without any login or exploit, according to a recent report by Security Affairs.

The exposed files encompass a wide range, with 685,047 credential and key files, such as .env files and private keys, and nearly 1 million database dumps, including .sql and .bak files. This level of exposure grants potential attackers direct access to live systems rather than just data. The research highlights that the danger lies not in individual files but in their interconnectedness, where a single misconfigured bucket can lead to a complete data breach.

While Amazon S3 accounts for over two-thirds of the exposed storage, the issue stems from widespread misconfigurations by customers rather than platform insecurity. The report emphasizes that the solution involves defaulting to private settings, avoiding storing secrets in object storage, encrypting backups, and regularly scanning for vulnerabilities. For individuals, the advice includes using unique passwords, enabling multi-factor authentication, and limiting data sharing with services.

Source: Security Affairs

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds