I guess we shouldn’t be surprised by the 10 million people who got breached this time, but by the complexity of how they got breached.
This breach came from both misconfigured (public) AWS S3 buckets and buckets that had been configured as private, and it goes beyond that.
Several open databases totaling 262 GB of data are only the beginning of the article.
The article in part says:
80,000 files contained various personal identifiable information (PII) for tens of millions of people – and not just from Pray.com users.
There’s much more than this, and it isn’t looking good.
Cloud Complexity
Interestingly, a little over 80,000 files were made private, only accessible to people with the right security permissions. However, these files were being exposed through a second Amazon service, vpnMentor found, demonstrating the complexity that cloud configurations can entail.
“Through further investigation, we learned that Pray.com had protected some files, setting them as private on the buckets to limit access,” they explained. “However, at the same time, Pray.com had integrated its S3 buckets with another AWS service, the AWS CloudFront content delivery network (CDN). CloudFront allows app developers to cache content on proxy servers hosted by AWS around the world – and closer to an app’s users – rather than load those files from the app’s servers. As a result, any files on the S3 buckets could be indirectly viewed and accessed through the CDN, regardless of their individual security settings.”
They added, “Pray.com’s developers accidentally created a backdoor that gave complete access to all the files they had tried to protect.”
They accidentally did this? This is a big accident. To read all the details, see the article Good Heavens! 10M Impacted in Pray.com Data Exposure, and if you are affected by this, the security box or tech box want to talk to you about your use of this application.
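A defender-side check for the kind of configuration the quote above describes, added here as an illustration and not taken from the Threatpost piece or from Pray.com's actual setup: given a CloudFront distribution config and the S3 bucket policy, it flags cache behaviors through which anyone can fetch any object via the CDN even though the objects themselves are marked private. The bucket name, distribution, Origin Access Identity and key-group IDs are all constructed.

```python
import json
# Constructed sample (added example, not from the article): a CloudFront distribution
# fronting an S3 origin through an Origin Access Identity (OAI). All IDs are made up.
DIST = {
    "Origins": {"Items": [{"Id": "s3-files", "DomainName": "example-files.s3.amazonaws.com",
                           "S3OriginConfig": {"OriginAccessIdentity": "origin-access-identity/cloudfront/EXAMPLEOAI"}}]},
    "DefaultCacheBehavior": {"TargetOriginId": "s3-files",  # ungated: any key is fetchable
                             "TrustedSigners": {"Enabled": False, "Quantity": 0},
                             "TrustedKeyGroups": {"Enabled": False, "Quantity": 0}},
    "CacheBehaviors": {"Items": [{"PathPattern": "/uploads/*", "TargetOriginId": "s3-files",  # gated
                                  "TrustedSigners": {"Enabled": False, "Quantity": 0},
                                  "TrustedKeyGroups": {"Enabled": True, "Quantity": 1, "Items": ["EXAMPLEKG"]}}]},
}
# Constructed bucket policy: the usual OAI grant. CloudFront reads every object with it,
# regardless of the per-object ACLs that made some files "private".
POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-files/*",
    "Principal": {"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EXAMPLEOAI"}}]})

def _as_list(v):
    return [v] if isinstance(v, str) else list(v or [])

def oai_has_bucket_wide_read(policy_json, oai_id):
    """True if an Allow statement grants s3:GetObject on <bucket>/* to this OAI (ARN principal form)."""
    for st in json.loads(policy_json).get("Statement", []):
        principal = st.get("Principal", {})
        who = _as_list(principal.get("AWS")) if isinstance(principal, dict) else []
        if (st.get("Effect") == "Allow"
                and any(p.endswith(oai_id) for p in who)
                and any(a in ("s3:GetObject", "s3:*", "*") for a in _as_list(st.get("Action")))
                and any(r.endswith("/*") for r in _as_list(st.get("Resource")))):
            return True
    return False

def find_unrestricted_cdn_paths(dist, policy_json):
    """Path patterns that serve every object of an OAI-backed S3 origin without a signed URL/cookie."""
    origins = {o["Id"]: o for o in dist["Origins"]["Items"]}
    behaviors = [("*", dist["DefaultCacheBehavior"])]
    behaviors += [(b["PathPattern"], b) for b in dist.get("CacheBehaviors", {}).get("Items", [])]
    exposed = []
    for pattern, b in behaviors:
        origin = origins[b["TargetOriginId"]]
        oai = origin.get("S3OriginConfig", {}).get("OriginAccessIdentity", "")
        if not oai:
            continue  # custom origin or S3 website endpoint: not the case discussed here
        gated = b["TrustedSigners"]["Enabled"] or b["TrustedKeyGroups"]["Enabled"]
        if not gated and oai_has_bucket_wide_read(policy_json, oai.rsplit("/", 1)[-1]):
            exposed.append((pattern, origin["DomainName"]))
    return exposed
```

Against a real account the two inputs come from `aws cloudfront get-distribution-config` and `aws s3api get-bucket-policy`; a flagged path is one where object ACLs no longer limit access, and the remedy is to require signed URLs or cookies on that behavior or to scope the OAI grant to the prefixes that are meant to be public.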