this post was submitted on 07 Apr 2024
497 points (95.6% liked)
Security
5041 readers
6 users here now
Confidentiality Integrity Availability
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
To be fair, it’s probably more about the IT contractors and consulting firms that didn’t implement security policies or configurations correctly on the S3 buckets for the governments they’re working for. The AWS products aren’t opening up things to the public internet without auth. Which I bet most of you knew.
Example: Accenture left a trove of highly sensitive data on public servers (2017)