From documents and credentials to source code and internal backups – billions of files are leaking due to misconfigured cloud storage buckets.
Cyble, a cybersecurity company specializing in dark web monitoring and threat intelligence, said its vulnerability search tool has detected more than 660,000 exposed buckets and 200 billion leaking files across seven major cloud providers.
Filtering the data for just three sensitive data types – credentials, source code, and confidential files – yielded millions of compromised files.
“Filtering for ‘source code’ and the Go language, for example, yielded 5.6 million results,” the firm said. “Filtering for env credentials returned 110,000 results. And a search for confidential files returned more than 1.6 million results,” a Cyble researcher said.
The number of exposed cloud storage buckets is more than 30% higher compared to August last year, when Cyble’s analysis returned more than 500,00 exposed buckets.
The security firm warns that storage bucket exposure is a very common cause of data leaks. Data is often left publicly available due to misconfigurations.
“Managing access to cloud storage buckets can be challenging even for the largest organizations, and misconfigured cloud buckets are all too common. While cloud storage is typically private by default, it can quickly get complicated when you start sharing objects or resources,” the report reads.
Your email address will not be published. Required fields are markedmarked