Security researchers found that Accenture’s four cloud servers on AWS S3 had no password protection and were openly exposed to the network, providing access to large amounts of data, including customer data, credentials, and decryption keys, if anyone could find a path.
Accenture, the systems integrator, was at risk after researchers discovered that large amounts of data, along with Amazon Web Service keys, were on cloud servers that were not password-protected.
Chris Vickery, director of network risk research at security firm UpGuard, discovered on September 17 that Accenture hosted at least four cloud servers on Amazon Web Services (AWS) S3 storage services that were publicly available on the network without password protection. If the path is discovered, it could result in a large amount of company and customer information being downloaded for free.
This batch of datagrams contains API data, authentication data, credentials, decryption keys, customer data, and so on. Further analysis revealed that the data belonged to Accenture’s enterprise Cloud product, Accenture Cloud Platform, a multi-cloud management Platform used by 94 of the world’s 100 largest enterprises and two-thirds of the world’s 500 largest enterprises.
The largest of the four servers is a 137GB file containing a database of secret accounts for suspected Accenture customers. There are also nearly 40,000 passwords stored in plain code. In addition, the master Key of Accenture’s Key Management System in AWS is included, which could result in an attacker gaining access to all encrypted data in the company’s AWS. Once the data were out, hackers could launch a second major attack on Accenture customers, the researchers said. The article is from: SBF Shengbofa
Informed by the researchers, Accenture secured the four servers immediately the following day.
Accenture played down to ZDNET how much data had been leaked before it was discovered, saying that it represented less than 1% of the company’s cloud data and that there was no customer information at all, posing no risk to customers.
This is the latest major data breach that almost (or may have) occurred at AWS. Prior to this, the data of 200 million VOTERS in the United States, military satellite information and more than 6 million Verizon customer data have been released on the network because of the AWS setting error.