this post was submitted on 07 Apr 2024
497 points (95.6% liked)

Security

5041 readers
6 users here now

Confidentiality Integrity Availability

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 38 points 7 months ago

To be fair, it’s probably more about the IT contractors and consulting firms that didn’t implement security policies or configurations correctly on the S3 buckets for the governments they’re working for. The AWS products aren’t opening up things to the public internet without auth. Which I bet most of you knew.

Example: Accenture left a trove of highly sensitive data on public servers (2017)