More Data Leaked from AWS Bucket Misconfigurations
May 29, 2018 / Kacy Zurku
Another Amazon S3 bucket misconfiguration breach, this time with AgentRun, has resulted in an insurance start-up exposing data for clients, including Cigna, Transamerica, SafeCo Insurance, Schneider Insurance, Manhattan Life, and Everest. Sensitive personal and medical information of thousands of insurance policyholders was exposed, leaving the data without password protection and publicly accessible to anyone while AgentRun was migrating to the bucket during an application upgrade, according to Cyware. Mike McKee, CEO, ObserveIT, said that companies are moving faster than ever, so it is no surprise that many security breaches occur due to human error. "This is another example of how damaging an insider with good intentions but poor execution or adherence to policy can be to an organization," McKee said.