Amazon S3, or Simple Storage Service, is one of the most widely used web services portal available. The fact that Amazon uses it to run their own e-commerce storefront should be enough to highlight its reliability; not to mention the trillions of objects that are stored within the infrastructure. The service portfolio of Amazon S3 boasts web-based hosting, backup storage and more, but is it secure?
Every computer system ever made is susceptible to hacking at some level – and Amazon S3 is no exception. This was made evident through the recent uncovering of approximately 14 million records containing highly sensitive information on Verizon customers.
No Immediate Threat from Hackers
Although this information was left unprotected on an Amazon S3 server, Verizon is quick to point out the fact that the data was never compromised. The shortcoming was identified by {{https://www.upguard.com/|UpGuard}} employee Chris Vickery, who is responsible for uncovering similar issues with companies in the past.
Verizon made this clear via a statement on their website. It reads, in part: “We have been able to confirm that the only access to the cloud storage area by a person other than Verizon or its vendor was a researcher who brought this issue to our attention. In other words, there has been no loss or theft of Verizon or Verizon customer information.”
Their official statement continued with further information and clarifications, stating: “By way of background, the vendor was supporting an approved initiative to help us improve a residential and small business wireline self-service call center portal and required certain data for the project. The overwhelming majority of information in the data set had no external value, although there was a limited amount of personal information included, and in particular, there were no Social Security numbers or Verizon voice recordings in the cloud storage area.”
According to resources, all of the data that resided on the server was generated over the past six months. It originated from customer service calls to the company. Verizon officials all point out that some customers have multiple accounts, so the actual number of unique customers affected is closer to 6 million.
Whether it was 14 million or 6 million is irrelevant. This is a case of simple negligence on behalf of the manager of the server, an Israeli company known as Nice Systems. Representatives with the company are remaining tight-lipped about the news, but they have stated that the data was erroneously uploaded there as part of a “demo” system they had been testing.
Despite the fact that no customer data was comprised, this incident highlights the importance of online data protection and security.
Moving Forward and Restoring Customer Faith
Verizon and Nice Systems have both moved swiftly to rectify the issue. The service provider issued a statement apologizing to their customers and reinforcing their ongoing commitment to customer privacy and data security. Their future intentions have not been made clear at the time of this writing, but the data has already been removed from its previous location.
Millions of Verizon Customer Records Leaked Via Amazon S3
Comments
No comments yet. Sign in to add the first!