In today’s world, you cannot help but use cloud storage. Be it for personal use or professional need, we use the cloud all the time. While experts agree that the cloud is often more secure than any other form of storage, we must remember that, like any other IT infrastructure, the cloud is also not immune to cyber-attacks. Let’s talk about cloud data breach incidents.
Cloud service providers implement state-of-art security systems to protect their assets and data stored on their cloud servers. Still, even the most well-reputed companies around the world faced data breach incidents in the past. The cloud providers, as well as the entire IT world, keep learning from each of these incidents and upgrade their security systems accordingly. We, as users, should also learn from such security incidents. A recent Gartner report says, by 2025, 99% of cloud security incidents will be caused by lapses on the customer end and not the service provider side.
Here we list 3 of the most infamous cloud security breaches that took place in the last decade.
Accenture cloud data breach
Accenture experienced cloud data breach incidents twice in the last five years. In 2017, they found out at least four unsecured AWS S3 storage buckets. As a result, more than 137GB of their data was publicly available. It included confidential API data, decryption keys, authentication credentials, user data, and meta information. Hackers released some of this data on the dark web.
The second time Accenture found itself at the receiving end of a cyber attack was in 2021. This LockBit ransomware attack compromised more than 6TB worth of data. The attackers made a ransom demand of $50 million from the company.
It is one of the most shocking cyber security incidents in history. The attack was engineered through a spear-phishing email sent to a Yahoo employee. The incident took place in 2013-14. However, Yahoo didn’t reveal it until 2016.
Initially, it was stated that the data of one billion users were compromised in this attack. However, later it was found that it was worse. At least 3 billion user accounts were affected.
Investigation revealed attackers could only access information like security questions and answers. However, financial information and payment data were safe. The FBI charged Four people for the attack in 2017.
In 2019, Capital One, one of the leading financial intuitions in the US, revealed unauthorized individuals outside the organization gained access to certain personal information about their credit card customers. They even compromised Information about the users who applied for their credit cards. This way, they accessed about 100 million accounts illegally.
At the time of the incident, Capital One was using the Amazon Web Service. Later it was revealed that the person behind this attack was a former employee of Amazon Cloud. She exploited misconfigured web application firewalls to access data from AWS.
Cloud data breaches can be devastating for an organization. It costs them both money and reputation. To know more about cloud storage and security, follow our blog at Blomp. Blomp offers up to 10TB of cloud storage space at an affordable price.