Unsecured database exposes sensitive data of British consultancy firms

Unsecured database exposes sensitive data of British consultancy firms

It has been revealed that an unsecured database has exposed the sensitive data of British consultancy firms.

vpnMentor’s research team discovered the breach and found that the sensitive information belonged to the firms as well as thousands of British professionals.

The files were found to be stored on Amazon Web Services (AWS) S3 bucket which requires users to implement their own security.

Peter Draper, Technical Director, EMEA at Gurucul, commented: “The risk associated with incorrectly configured cloud resources have been highlighted many times by many people. The content of the database appears to have more information than most reported unsecured databases and contains a wealth of information which bad actors could use for fraud and identity theft.

“The situation of today’s digital world is that an increasing volume of personally identifying information is being harvested whenever we interact with organisations online. Legitimate companies can collect data about us from sources all over the Internet and then combine that data into detailed profiles which they can then sell. If this data isn’t strongly secured, and it often isn’t, this information can easily end up on the dark web.

“Please – if you run any services in the cloud, have your teams double and triple check that they are secured correctly.”

Browse our latest issue

Intelligent CISO

View Magazine Archive