Last fall, a security researcher discovered four Amazon S3 storage buckets with highly sensitive data such as client credentials and a backup database containing 40,000 passwords. Accenture had accidentally set the buckets to allow public access, and all the information was fully exposed. The researcher notified Accenture, and Accenture locked down the data the next day.
Accenture wasn’t alone. Other companies that left their Amazon S3 buckets open to the public included Dow Jones, Verizon, and military intelligence agency INSCOM. The flood of the bad news continued.