Corporate consulting giant Accenture left bucketloads of sensitive corporate and client data exposed online for anyone to access. Luckily for them, it seems that UpGuard director of cyber risk research Chris Vickery was the only one who stumbled upon it.
He discovered the four unsecured AWS S3 storage buckets on September 17, and notified the company the next day. Accenture moved to secure the storage servers the day after.
“All four S3 buckets contain highly sensitive data about Accenture Cloud Platform, its inner workings, and Accenture clients using the platform. All were maintained by an account named ‘awsacp0175,’ a possible indication of the buckets’ origin,” UpGuard analyst Dan O’Sullivan shared.
Leave a reply