Several UK consulting firms recently left an Amazon Web Services (AWS) Simple Storage Service (S3) bucket open, according to vpnMentor. Sensitive information from thousands of British professionals was exposed due to the open S3 bucket, which was closed Dec. 19, 2019.Sensitive information exposed by the UK consulting firms' data leak included:The data leak was discovered Dec. 9, 2019 and traced back to CHS Consulting, a London-based consulting firm. It contained files belonging to various UK consulting firms, including:Most of the exposed information dated back to 2014-2015, vpnMentor reported. However, some exposed files dated back to 2011.
- Background checks.
- Criminal records.
- Emails and private messages.
- Job applications.
- Tax documents.
- Dynamic Partners (closed in 2019).
- Eximius Consultants Limited.
- Garraway Consultants (closed in 2014).
- IQ Consulting.
- Partners Associates Ltd (closed in 2018).
- Winchester Ltd (closed in 2018).
Global Organizations Suffer AWS Data Leaks
Several global organizations recently experienced AWS data leaks, including:- Capital One: A misconfigured AWS web application firewall was discovered last year that exposed data from 100 million individuals in the United States and approximately 6 million individuals in Canada.
- GoDaddy: An S3 bucket error exposed GoDaddy configuration information from the company's servers in 2018.
- FedEx: FedEx customer identification records were discovered on an unsecured S3 cloud server in 2018.
