Viacom exposes crown jewels to world+dog in AWS S3 bucket blunder

Found on The Register on Tuesday, 19 September 2017

Researchers found a wide-open, public-facing misconfigured AWS S3 bucket containing pretty much everything a hacker would need to take down the company's IT systems.

The Amazon-hosted bucket could be accessed by any netizen stumbling upon it, and contained the passwords and manifests for Viacom's servers, as well as the access key and private key for the corporation's AWS account.

There you have companies with their pockets full of money, and they still decide to dump everything "into the cloud", putting their entire business into the hands of someone else. At the same time, they could employ competent admins and run their own, properly secured DC.

Browse all articles« Previous « » Next »