A
cybersecurity firm has reported the discovery of 60,000 files from a
US intelligence agency left on an unsecured public server with
absolutely zero protection, not even a password.
The files
were related to a military project being undertaken by the National
Geospatial-Intelligence Agency (NGA), which uploaded the files to an
Amazon cloud storage server that anyone could access.
Chris
Vickery, a risk analyst with cyber resilience firm UpGuard, did just
that. Among the files were sensitive information and even the
security credentials of a senior employee with defense contractor
Booz Allen Hamilton (BAH). There were also the login credentials
needed to access code repositories that might contain classified
information among the files. Vickery said that the information
appeared to have been accidentally leaked by a BAH employee.
Full
report:
Comments
Post a Comment