Four Million Time Warner Cable Records Leak From Amazon S3

It’s an epidemic! Barely a week passes nowadays before we hear about misconfigured AWS S3 servers resulting in massive data leaks, and this week we have had two.

The first being news of the details of military and intelligence personnel leaking out.

And now we have this, some 600 GBs of files that were left exposed on two cloud repositories owned by BroadSoft, a global communication software and service provider. They contained data belonging to clients — most notably Time Warner Cable, the cable company.

Researchers found that information on more than four million TWC customers were found in one file, dating back to 2010. Included were details like SQL database dumps, code, access logs, customer billing addresses and phone numbers.

As is usually the case, the Amazon Web Services S3 buckets, which are usually protected by default, had been configured to allow public access, most probably for use as a backup testing ground.

Kromtech, the firm that that unearthed this, said that a large fraction of the data stems from the company’s MyTWC app, an application that allowed customers to pay bills, upgrade services, and access voicemail, channel listings and WiFi settings.

Information on TWC customers between November 26, 2010 to July 7, 2017 were leaked in the file.

And it contained specifics like user names, serial numbers, account numbers, MAC addresses, service, category details, and transaction IDs.

A Time Warner Cable spokesperson said that the company was still investigating the incident, and the information was quickly taken down upon discovery. As a general security measure, TWC is encouraging users of the app to change their usernames and passwords.

That said, this is just another in the line of high-profile data leaks in the cloud.

Week after week, poorly secured Amazon S3 buckets continue to make headlines, and it almost seems that no one is paying attention to the notion of properly securing their cloud storage.