Creditseva, KS Enterprises Breaches Highlight Need for Improved Cloud Security

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Kromtech researchers recently found approximately 48,000 Indian citizens' personal information exposed in a misconfigured Amazon S3 bucket that wasn't password protected -- the data belonged to credit management service Creditseva.

IBTimes UK reports that the exposed information included Creditseva customers' driver's license information, home addresses, credit reports and photos.

It's not clear at this point how long the data was exposed for, or who may have accessed it.

Last month, the same researchers found a publicly accessible Amazon S3 bucket belonging to KS Enterprises, a UK-based money transfer service that focuses on sending funds to Bangladesh.

In that case, the exposed data included more than 11,000 customers' passports, driver's licenses, and/or proof of address documents such as tax bills and loan documents.

This is part of an unsettling pattern -- Kromtech security researchers also recently found over 3 million WWE fans' information in publicly accessible Amazon S3 buckets, and UpGuard researcher Chris Vickery found 4 million Dow Jones customers' data and 14 million Verizon customers' information similarly exposed.

Managing Cloud Infrastructure

"In order to protect your S3 data from loss and unauthorized access, each company and individual using Amazon cloud infrastructure must ensure there aren't any publicly accessible S3 buckets available," Kromtech chief security communications officer Bob Diachenko said in a statement.

"A publicly accessible S3 bucket allows full control access to everyone (i.e. anonymous users) to list (read) the objects within the bucket, upload/delete (write) objects, view object permissions and edit object permissions," Diachenko added.

FireMon platform specialist Josh Mayfield told eSecurity Planet by email that the best way to improve cloud security and protect against breaches like these is to work with a cloud infrastructure security broker (CISB).

"When cloud infrastructure is deployed, it is often to satisfy a pressing concern (e.g. application development, on-demand storage, etc.)," Mayfield said. "Having a CISB gives organizations security policy that will govern current and future cloud systems, without needing to manipulate each new instance. This gives companies security that conforms to policy, regulations, and governance with the agility necessary to satisfy the business demand."

Cloud Security Concerns

A recent Gigamon survey of 500 IT decision makers found that 84 percent of respondents believe cloud security concerns are holding their organizations back from adopting the latest technologies.

Still, 69 percent of responding organizations are moving day-to-day work information to the cloud, 56 percent are doing the same with critical and proprietary corporate information, and 47 percent are doing so with personally identifiable information (PII).

Seventy-three percent of respondents expect the majority of their organization's application workloads to be in the cloud in three years' time.

Even so, just 35 percent of respondents are planning to approach network security in the cloud the same way they do with their on-premise security operations, and 49 percent said their hybrid cloud environment prevents them from determining where their data is really stored.

"Today's attackers have the advantage as cybercrime is a thriving economy and attacks are focused on infiltrating the network and stealing important company information," Gigamon vice president of products Ananda Rajagopal said in a statement.

"It is imperative for enterprises to adopt a visibility platform that provides visibility and control of their network traffic, and one that's integrated with their security tools to accelerate threat detection and improve efficiencies," Rajagopal added.