Content, Americas, Governance, Risk and Compliance, Breach, Channel markets

Amazon AWS Cloud Data Leak: Thousands of US Military, Intelligence Files Exposed

Jim Reese
TigerSwan CEO Jim Reese apologized for the AWS leak, though TalentPen was responsible.

The sensitive personal files of thousands of U.S. military and intelligence personnel stored on an Amazon Web Services (AWS) website were exposed publicly last month, according to cyber resilience platform provider UpGuard. Among these files were hundreds claiming "Top Secret" U.S. government security clearances.

Approximately 9,402 records from resumes and applications for employment submitted for positions with North Carolina-based private security firm TigerSwan were publicly accessible on a website hosted by AWS, UpGuard said in a prepared statement. These files contained applicants' names, home addresses, phone numbers, email addresses, driver's license numbers and other personal information.

TigerSwan noted the affected site was controlled by TalentPen, a former recruiting vendor. The company pointed out that AWS informed TalentPen about the security issue sometime in August, and TalentPen removed the resume files on August 24. However, TalentPen did not notify TigerSwan about the incident.

"We take information security very seriously, especially in this instance, because a majority of the resume files were from veterans," TigerSwan CEO Jim Reese said in a prepared statement. "To our colleagues and fellow veterans, we apologize. The situation is rectified and we have initiated steps to inform the individuals affected by this breach."

TigerSwan has confirmed there was no breach of its server and reached out to AWS to learn more about the incident, according to the company. Also, TigerSwan is exploring all recourse and options available to those who may have been affected.

More AWS Data Leaks: Time Warner, WWE, Verizon and Dow Jones

TigerSwan's data leak is one of several incidents to affect AWS cloud users.

Recently, more than 4 million Time Warner Cable customer records were exposed via an AWS cloud leak, according to the Kromtech Security Center.

The repository that stored Time Warner customer records was configured to allow public access, Kromtech reported. This enabled anyone with an internet connection to access sensitive Time Warner customer documents. "This leak shows once again just how insecure data can be when the improper security settings are used," Kromtech said in a prepared statement.

In addition, other prominent AWS data leaks have affected the WWE, Verizon and Dow Jones, among others, over the past few months.

There are currently more than 1 million AWS users worldwide, enterprise and DevOps consultancy Contino indicated. The majority of AWS users are small and medium-sized businesses (SMBs), Contino stated, and enterprises make up roughly 10 percent of users.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.