As many as 2.3 billion data files are presently stored in unsecured and misconfigured web servers such as Amazon S3 buckets, Server Message Block (SMB), File Transfer Protocol (FTP) and rsync servers by companies across the world, new research has found.
Last month, a security researcher unearthed a massive unsecured database hosted by Amazon Web Services that contained 49 million data records belonging to over 350,000 Instagram users. Information stored in the database included phone numbers and email addresses of celebrities and influencers on the social media platform.
Earlier in the month, security researcher Bob Diachenko also found a publicly indexed MongoDB database hosted on Amazon AWS infrastructure that contained over 275 million records with personal identifiable information (PII) on Indian citizens but was not secured from external access. These data records included names, email addresses, gender, mobile phone numbers, dates of birth, current salary, employment history, education levels, and professional skills of millions of Indian citizens.