cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1064
Views
0
Helpful
0
Replies

Capital One breach on AWS exposes 100M+ consumers

uzi15
Level 1
Level 1

I came here expecting to see this subreddit lit up. Alas, nothing. Where is everyone? Misconfigured web firewall --> hacker gained IAM role --> found encryption keys --> decrypted data in S3 --> data extracted. Hacker posted breadcrumbs/trail on social about her exploit, and posted data on GitHub. Hack happened in March 2019. Capital One notified by email tip that their data is on GitHub July 17. Misconfigured cloud resource fixed immediately. Suspect arrested by FBI 7/29.

I'm interested in helping businesses avoid this kind of mess. What are y'all hearing?

0 Replies 0