Multiple AWS S3 customers have been warned by security researchers that the data they placed on Amazon servers could be easily stolen, according to the BBC.
Close to 50 messages were posted to Amazon’s servers claiming that data stored on the public cloud service may be at risk due to misconfiguration. A security researcher reportedly told the broadcaster that they were aware of a list of 2000 insecure AWS buckets, most of which were located on servers that were part of Amazon’s ’Simple Storage Service.’
Buckets of tears
Customers were identified using software which scans the storage buckets for misconfigurations and vulnerabilities. Researchers found that many of the buckets had been set up for short term projects, only to become disused, leaving the systems unpatched and susceptible to attacks.
Another reporrted problem is the use of the same bucket by several firms at once, creating flaws and opening up databases to more people.
Amazon refuted claims that configuration settings had been set up in a way that leaves data vulnerable, and stated that it had created tools specifically to allow customers to secure their data and define who could gain access.
This could have been the very cause of the problem, as customers may have expected integrated security rather than an a la carte service.
Misconfiguration errors have indeed been known to cause data breaches on AWS, as the Australian Broadcasting Corporation learnt in November last year, when Ukranian cybersecurity firm Kromtech unearthed an unsecured cache of files related to the company’s commercial operations, allegedly including several thousand emails, customer logins and passwords, requests for licensed content, and 1,800 daily database backups made since 2015.
S3 also caused a major outage on Amazon’s US-East-1, when the buckets were misconfigured during a debugging operation, accidentally removing crucial subsystems and bringing down all of the region’s servers.