How the largest Romanian real estate portal could have prevented a massive cloud data breach

Can cloud misconfigurations affect your company?

Yes, they can! In this case, Romania’s largest real estate portal has suffered a data breach due to a misconfiguration. Website Planet detected that the portal's AWS S3 buckets were publicly available without any protection, back in December 2020. As a result, more than 200,000 records were exposed.


Anyone with the URL could access the buckets and Personal Identifying Information (PII) stored there. Users' data such as full names, emails, phone numbers, Social Security Numbers (CNP), or even scanned copies of national ID cards including identifying codes were leaked.


The AWS (Amazon Web Services) S3 Access Points feature provides settings for access points, buckets, and accounts to help companies manage the public access to their resources. More information can be found on Amazon's Documentation Portal: https://aws.amazon.com/ premiumsupport/ knowledge-center/ read-access-objects-s3-bucket


By default, new buckets do not allow public access. However, users can modify bucket policies and allow public access. Since these individual settings are customizations enabled to better suit a specific organization’s needs, the responsibility is no longer with the cloud provider.

Even if the unintentional breach was fixed after Website Planet reported it, the precise number of people affected remains unknown and the culpability for this data leak lies entirely with the real estate portal.

This could have easily been prevented with the implementation of a Cloud Security Posture Management (CSPM) tool. These solutions are developed to detect any misconfigurations and to prevent this type of event.

As a CSPM, Cyscale Power Platform is the perfect tool that helps companies reduce risk. It enables complete visibility and control over cloud accounts in under 5 minutes since deployment.


Cyscale’s platform is equipped with an alert mechanism, that detects and informs security and cloud ops about exposed assets and helps them address these issues in time.



Mistakes such as having your company’s buckets exposed, without password protection or encryption can be detected and fixed in time, you just need someone to guide you. We are ready to assist you with your Cloud Security.



Published 2021-02-09By Ovidiu CicalCategory News
START FREE TRIAL

Interesting? Share it

TwitterLinkedIn
What is a CSPM and why should you consider using one?
Cloud Native Security

What is a CSPM and why should you consider using...

Virginia Mitea · 2021-08-17

A CSPM or Cloud Security Posture Management is a tool designed to identify misconfiguration and compliance risks in the cloud wh...

TwitterLinkedIn
Bridging the Gap Between ISO 27001 and Cloud-Native Systems
Cloud Native Security

Bridging the Gap Between ISO 27001 and Cloud-Nat...

Andrei Stefanie · 2021-08-31

Being compliant is a huge selling point and many well-established customers will even require this from their service providers....

TwitterLinkedIn
The ISO 27001 certification, policy by policy
Compliance

The ISO 27001 certification, policy by policy

Manuela Ticudean · 2021-09-30

Going through an ISO 27001 implementation means that people in your company must work closely together towards that end, as most...

TwitterLinkedIn