[techdirt]Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud - Overclock.net - An Overclocking Community

Forum Jump: 

[techdirt]Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud

 
Thread Tools
post #1 of 8 (permalink) Old 08-07-2019, 11:26 PM - Thread Starter
professional curmudgeon
 
looniam's Avatar
 
Join Date: Apr 2009
Posts: 9,679
Rep: 791 (Unique: 451)
[techdirt]Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud

Quote:
What is it about companies leaving consumer data publicly exposed on an Amazon cloud server? Verizon made headlines after one of its customer service vendors left the personal data of around 6 million consumers just sitting on an Amazon server without adequate password protection. A GOP data analytics firm was also recently soundly ridiculed after it left the personal data of around 198 million citizens (read: most of you) similarly just sitting on an Amazon server without protection. Time Warner Cable also recently left 4 million user records sitting in an openly-accessible Amazon bucket.

You'd think that after all of this press attention fixated on a fairly basic (but massive) screw up, that companies would stop doing this. But you'd be wrong.

The latest company to fail at fundamental security practices is California's Bank of Cardiff, which managed to leave millions of phone recordings made by employees -- you guessed it -- in an unsecured Amazon cloud bucket open wide to the general internet. Many of the phone recordings exposed include bank employees talking with customers about sensitive financial transactions:
SOURCE

Remember the golden rule of statistics: A personal sample size of one is a sufficient basis upon which to draw universal conclusions.
Upload the computer to Dropbox and provide a link to it so others may download it to examine and give advice for repairs.
loon 3.2
(18 items)
CPU
i7-3770K
Motherboard
Asus P8Z77-V Pro
GPU
EVGA 980TI SC+
RAM
16Gb PNY ddr3 1866
Hard Drive
PNY 1311 240Gb
Hard Drive
1 TB Seagate
Hard Drive
3 TB WD Blue
Optical Drive
DVD DVDRW+/-
Power Supply
EVGA SuperNova 750 G2
Cooling
EKWB P280 kit
Cooling
EK-VGA supremacy
Case
Stryker M [hammered and drilled]
Operating System
Win X
Monitor
LG 24MC57HQ-P
Keyboard
Ducky Zero [blues]
Mouse
corsair M65
Audio
SB Recon3D
Audio
Klipsch ProMedia 2.1
▲ hide details ▲


looniam is offline  
Sponsored Links
Advertisement
 
post #2 of 8 (permalink) Old 08-07-2019, 11:47 PM
Otherworlder
 
epic1337's Avatar
 
Join Date: Feb 2011
Posts: 7,355
Rep: 217 (Unique: 125)
*shrug*

theres no severe penal code to warrant their attention in improving data security.
maybe a license to operate data servers which would get revoked if they fail to uphold the required security to protect them?
e.g. they should adopt the same business structure as the banking business.

trolling an adult is very dangerous, don't try it at home nor at work. you don't want to play tag with a rabid man.

Last edited by epic1337; 08-07-2019 at 11:58 PM.
epic1337 is offline  
post #3 of 8 (permalink) Old 08-07-2019, 11:55 PM - Thread Starter
professional curmudgeon
 
looniam's Avatar
 
Join Date: Apr 2009
Posts: 9,679
Rep: 791 (Unique: 451)
Quote: Originally Posted by epic1337 View Post
*shrug*

theres no severe penal code to warrant their attention in improving data security.
maybe a license to operate data servers which would get revoked if they fail to uphold the required security to protect them?
e.g. they should adopt the same business structure as the banking business.
fyi, negligence is the source of ALL "penal codes" (laws). read up about torts. but no one seems to care.

however, to use a cliche; the beatings will continue until attitudes change.

Remember the golden rule of statistics: A personal sample size of one is a sufficient basis upon which to draw universal conclusions.
Upload the computer to Dropbox and provide a link to it so others may download it to examine and give advice for repairs.
loon 3.2
(18 items)
CPU
i7-3770K
Motherboard
Asus P8Z77-V Pro
GPU
EVGA 980TI SC+
RAM
16Gb PNY ddr3 1866
Hard Drive
PNY 1311 240Gb
Hard Drive
1 TB Seagate
Hard Drive
3 TB WD Blue
Optical Drive
DVD DVDRW+/-
Power Supply
EVGA SuperNova 750 G2
Cooling
EKWB P280 kit
Cooling
EK-VGA supremacy
Case
Stryker M [hammered and drilled]
Operating System
Win X
Monitor
LG 24MC57HQ-P
Keyboard
Ducky Zero [blues]
Mouse
corsair M65
Audio
SB Recon3D
Audio
Klipsch ProMedia 2.1
▲ hide details ▲


looniam is offline  
Sponsored Links
Advertisement
 
post #4 of 8 (permalink) Old 08-08-2019, 12:21 AM
New to Overclock.net
 
treetops422's Avatar
 
Join Date: Mar 2019
Posts: 308
Rep: 13 (Unique: 10)
I checked Credit Karma... I've been the victim of 12 breaches thus far...



"Many of the phone recordings exposed include bank employees talking with customers about sensitive financial transactions:"
smh and now it becomes clear why Mark Zuckerberg has had tape over his mics for 10+ years



treetops422 is offline  
post #5 of 8 (permalink) Old 08-08-2019, 02:19 AM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,285
Rep: 358 (Unique: 256)
Quote: Originally Posted by treetops422 View Post
smh and now it becomes clear why Mark Zuckerberg has had tape over his mics for 10+ years
I think I saw the documentary about Zuck's office laptops having taped selfie cameras but now I can't find the documentary nor a foto of it online.

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is online now  
post #6 of 8 (permalink) Old 08-08-2019, 02:56 AM
News Fiend
 
ryan92084's Avatar
 
Join Date: Oct 2015
Location: 'merica
Posts: 2,064
Quote: Originally Posted by huzzug View Post
I think I saw the documentary about Zuck's office laptops having taped selfie cameras but now I can't find the documentary nor a foto of it online.
https://hotforsecurity.bitdefender.c...ame-14164.html

Meh '12
(13 items)
CPU
Ryzen 2600x
Motherboard
ASUS Crosshair VII Hero
GPU
XFX Fury X
RAM
G.SKILL TridentZ Series 16GB (2 x 8GB) 288-Pin DDR4 SDRAM DDR4 3200 F4-3200C14D-16GTZSW
Hard Drive
SAMSUNG 970 PRO M.2 2280 512GB PCIe Gen3. X4, NVMe
Hard Drive
Samsung 850 Pro-Series
Hard Drive
Seagate 4TB Enterprise NAS SATA (ST4000VN0001)
Hard Drive
WD Black 1TB Performance Desktop Hard Drive WD1003FZEX
Power Supply
SEASONIC PLATINUM-860 860W RT
Cooling
Black Ice Nemesis 360GTS Radiator x2
Cooling
Monsoon MMRS Reservoir + D5 pump + mountings
Cooling
XSPC Raystorm Neo Metal
Cooling
EKWB Fury X
Cooling
Monsoon Free Center 1/2ID 3/4OD fittings + Rotaries + plug + Temp probe
Cooling
BeQuiet SilentWings 3 High Speed PWM x 9
Case
Lian Li PC-O11 Dynamic
Operating System
Windows 10 Pro
Monitor
LG 27" IPS 27UK650
Keyboard
Massdrop CTRL
Mouse
Logitech g403
Mousepad
HAYATE KOU FX SOFT NINJA Black L
Audio
Blue Yeti Black
Audio
Massdrop x AKG K7XX
Other
LIAN LI O11D-1X ,Riser Cable and cover bracket for PC-O11D
CPU
i5 3570k
Motherboard
Z77x-UD5H
GPU
Zotac 670 GTX AMP!
RAM
G.Skill f3-2400c10D-16gtx
Hard Drive
Samsung 850 Pro 128GB
Optical Drive
Some old thing
Power Supply
Seasonic platinum 860w
Cooling
Custom water
Case
Customized Thermaltake Armor
Operating System
Win 10 pro
Monitor
Dell U2413
Keyboard
Ducky Shine
Mouse
Logi G502
▲ hide details ▲


ryan92084 is offline  
post #7 of 8 (permalink) Old 08-08-2019, 10:06 AM
New to Overclock.net
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 18,883
Rep: 551 (Unique: 312)
i've been getting mobile text paypal fishing attempts recently, curious if they let something slip that we haven't heard about yet.

at this point it seems like they're fighting to find NEW people to hack, cuz they just keep getting the same derps info, over and over.

zuck doesn't just tape over his camera, he sends his children to incredibly specialized "analog" schools for the ultra rich where they learn the classic way, n have limited computer lab access, like a student in the early 00s.

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
skupples is offline  
post #8 of 8 (permalink) Old 08-08-2019, 11:08 AM
New to Overclock.net
 
Section31's Avatar
 
Join Date: Aug 2013
Posts: 466
Rep: 7 (Unique: 7)
The funny thing even with hacking, the old methods are still very popular and widely used. Phishing and the telemarketing stuff still common. Almost everyone I know, has gotten robocalled everyday by someone pretending to be from Chinese Embassy/Chinese Customs/China Tax Agents. The worse being they leave voice mail, which I have to delete. Even hacking has not stopped industries like loan sharks and good old fashion espionage.

I understand we are care about our private info but our name, address are already out there. Sometimes even old credit card numbers, passport and social security numbers. Really isn't much we can do except practice common sense, check our bank accounts etc often and protect ourselves through using VPN.

Sometimes even funny things happens with the tax collection departments, my family's business is still waiting to hear back from the tax department about odd case of how someone managed to bypass telephone authorization for the business account (you have to know a lot of info to pass security checks) and changed the account address/direct deposit so any tax refund goes directly to them. I suspect we aren't only one and its probably an inside job.

Last edited by Section31; 08-08-2019 at 11:15 AM.
Section31 is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off