Verizon Suffers Second Data Leak on Amazon AWS Cloud

Is it a case of incompetence, laziness or poor cloud services design? Whatever the case, someone in the Verizon Communications business ecosystem has once again left confidential information exposed on Amazon Web Services (AWS), according to Kromtech Security Research Center.

According to the report:

Ouch. The AWS bucket belonged to a Verizon Wireless engineer and it did not belong to nor was it managed by Verizon itself, according to the report. Kromtech alerted the engineer about the exposed data, and the situation was immediately rectified.

Amazon AWS Cloud Data & Security Leaks: Quite Common

A growing number of Amazon-related cloud data leaks have been reported in recent months. In each case, the issue typically involved users who poorly configured their AWS accounts, rather than an Amazon cloud design bug.

AWS cloud leak victims in 2017 have included:

Holding AWS Account Owners Accountable?

Security experts are calling public cloud users to more effectively monitor and manage their account settings.

“Given the high number of incidents involving exposed S3 buckets that we have seen in the past few months, it is baffling that every organization is not carefully looking into the configurations and exposure levels of their storage in the cloud." said Zohar Alon, co-founder and CEO, Dome9. "Protecting data in the cloud from accidental exposure and theft is a business priority.

Moreover, companies need to be held highly accountable for their lack of security on the public cloud, Alon asserted. So far, that certainly hasn't been the case.