Technology and cloud giant Accenture has confirmed it inadvertently left a massive store of private data across four unsecured cloud servers, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers. Here are 2017's biggest hacks, leaks, and data breaches -- so far Dozens of data breaches, millions of people affected. The servers, hosted on Amazon's S3 storage service, contained hundreds of gigabytes of data for the company's enterprise cloud offering, which the company claims provides support to the majority of the Fortune 100. The data could be downloaded without a password by anyone who knew the servers' web addresses. Chris Vickery, director of cyber risk research at security firm UpGuard, found the data and privately told Accenture of the exposure in mid-September.
Data leaks are par for the course these days, and the latest company to be involved in one is GoDaddy. The company, which says it's the world's top domain name registrar with over 18 million customers, is the subject of a new report from cybersecurity firm UpGuard that was shared exclusively with Engadget. In June, cyber risk analyst Chris Vickery discovered files containing detailed server information stored in an unsecured S3 bucket -- a cloud storage service from Amazon Web Services. A look into the files revealed multiple versions of data for over 31,000 GoDaddy systems. In the most recent revision of the exposed spreadsheet, there were eight tabs with information on GoDaddy's AWS usage as well as pricing and discounts the company was offered by Amazon.
A massive trove of sensitive corporate and customer data was left freely exposed to the public by Accenture, one of the world's biggest management firms. The tech giant left at least four cloud storage servers, which contained highly sensitive decryption keys and passwords, exposed to the public, without any password protections. The data could have potentially been accessed by hackers, who then could have used the information to mount attacks on both Accenture and its clients. The data leak was uncovered by Chris Vickery, director of cyber risk research at UpGuard, who privately notified Accenture about its cloud servers having been exposed in mid-September. The exposed servers, which were hosted on Amazon S3 storage services, contained hundreds of GB of sensitive data, including secret API data, authentication credentials, certificates, decryption keys, customer information, and more.