According to Kromtech Security Center, the Australian Broadcasting Corporation has mistakenly leaked sensitive information from at least two unsecured Amazon web services (AWS) S3 repositories (buckets).
The corporation has ensured that their tech team has immediately responded in order to solve the data leak. However, the government supported corporation has also confirmed that the data leak was reported on November 16.
Their operation is similar to the British Broadcasting Corporation (BBC) and they use various tax payer funds and a for profit business model.
The CIO of security firm, Bob Diachenko has written a Blog post and claimed that the firm has discovered a “trove of data” linked with ABC commercial. ABC commercial is the area of firm that deals with the marketing and retailing fairs of ABC products and services all around the globe. They have reached such data after conducting an online inspection of inadequately set up cloud computing sites.
The information discovered through the exposed data set include, data from production services and stock files which shouldn’t be available for public.
According to Diachenko, the leaked information contains various emails, logins, hashed passwords which were used by ABC Commercial users to access the ABC content. The users include the known ones from media industry. It also contain requests from licensed content from global media producers, secret access keys and login details for other repositories with advance video content and, 1800 daily MySQL database backups from 2015 to present.
He further pointed out towards the fact that the unsecured repositories were found to be in the present condition just a week after AWS has launched some new encryption and security features for the users.
“We have immediately sent notification emails to the database owners and also got in touch with ABC Technology security specialists. All reported buckets were successfully secured within minutes,” Diachenko said.
“This is another warning for ABC to take cyber security seriously and audit all servers, repositories, and backups regularly. The most unfortunate part is that the issue occurred due to human error and not a malicious attack.”
This is not a new accusation to ABC as they were found inefficient for their sensitive data storage and had been involved in accidental exposure of such data. In 2010, a similar claim was made by the corporation, in which they have reported the players of their reality game, BlueBird. In the email, they informed the players that their names, email addresses, and passwords were publically available for download through archive for almost a month.
ABC has also undergone through a hacking attack, back in 2013. The attack was reported to be carried out by an individual having a handle “Phr0zenMyst” which lead to expose the details of 50,000 users. The online exposed details include usernames, email addresses, and password hashes.
Share this article
About the Author
Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.
More from Zehra AliRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...
