AWS S3 Cloud Data Leak By Securitas: CSPM Opportunity for MSSPs

On-site security firm Securitas left an Amazon Web Services (AWS) Simple Storage Service (S3) bucket open, according to antivirus review website SafetyDetectives. The result: Securitas exposed nearly 1.5 million files, equating to about 3TB of data.

Securitas corrected the misconfiguration in November 2021, roughly five days after SafetyDetectives reached out to the firm about the issue. The bucket was live and being updated when it was discovered, SafetyDetectives stated. Also, the misconfiguration is not Amazon's responsibility.

MSSP Alert has reached out to Securitas for additional comment, and we will update this article if/when we hear back.

MSSPs and Cloud Security Posture Management (CSPM) Tools

For MSSPs, the disclosure is a timely reminder that customers need Cloud Security Posture Management (CSPM) tools to make sure AWS, Microsoft Azure and Google Cloud Platform workloads are properly configured and protected from wandering eyes.

Demand for CSPM solutions is surging. Among the reasons: 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.

With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.

On a related note, 41 percent of our Top 250 MSSP survey participants already offer CSPM to their end customers, MSSP Alert research found in September 2021.

Securitas Data Exposure: The Details

Securitas' exposed data relates to airport employees from different sites across Colombia and Peru, SafetyDetectives noted. It includes:

  • Employee personally identifiable information (PII) and sensitive company data for at least four airports in Colombia and Peru
  • Photos of ID cards and other unmarked photos of Securitas employees and airport employees
  • Exchangeable Image File Format (EXIF) data that exposed specific information relating to photos

In addition, there is a "high probability" that every Colombian airport that uses Securitas is affected by the misconfigured Amazon S3 bucket, SafetyDetectives said. Securitas also could face sanctions for various data protection violations.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.