Oops, They Did it Again

Last week Dow Jones, the business and financial news company that owns the Wall Street Journal, admitted that 2.2 million customers’ details were exposed due to an Amazon S3 bucket misconfiguration. They are not alone and follow similar mishaps reported by Verizon, World Wrestling Entertainment, and Scottrade. They all share a common root problem, user error that resulted in exposing the contents of their S3 buckets. There are now over one million authenticated AWS users and S3 misconfigurations are becoming all too common.