Unprotected AWS Bucket Exposes 50 GB Financial Data

Security Unlocked

An AWS bucket belonging to Birst, a cloud business intelligence and analytics firm, was left exposed to the public, revealing no less than 50.4 GB of data belonging to a financial giant.

Some would term this as just another regular day in the world of cloud.

But fact is, these data leaks show no sign of stopping.

This latest one was revealed by UpGuard.

And according to the details provided, the leaked data contained technical information on Birst appliance specially configured for the infrastructure of Capital One, which is one of the leading financial service providers in the world, the 8th largest commercial bank in the United States.

Passwords, administrative access credentials and private keys for use within Capital One systems were all within plain sight — data enough to guide an attacker on how to dig deeper into the company’s IT system.

Birst Logo

As detailed:

“Taken in full, the exposed Birst appliance provides a roadmap of where attackers would want to focus their energies in seeking to compromise Capital One’s wider systems. Of greatest interest are the locations of the ports connecting the Birst appliance with the other services that would feed its business intelligence dashboards.”

Of course, the good news here, relatively speaking, is that one would first be required to compromise the Capital One network to use the leaked credentials.

So, while this cloud leak does not expose the private information stored in those other systems, it does multiply the effects of any successful attack to a potentially catastrophic scale. No matter whether that attack comes via phishing, malware, social engineering, or even an inside threat.

The data was discovered on January 15, 2018, and the researchers at UpGuard have been in touch with Birst and Capital One.