plugs account data leakage flaw

Tom Spring writes: has changed the way it handles publicly shared accounts and folders after a researcher found confidential documents and data belonging to users via Google, Bing and other search engines. While maintains this is a case of its customers unintentionally over-sharing, it says it has “fixed” the issue.

The problem stems from what Markus Neis, threat intelligence manager for Swisscom, calls a flaw in the way handles shared cloud storage accounts. Last week, he disclosed that a simple search engine query could expose confidential files of businesses and individuals to anyone on the Internet. Attackers exploiting this issue, he said, could have accessed sensitive data stored on “Collaborative” accounts managed by businesses and organizations such as Dell Technologies, Discovery Communications, biotech firm Illumina as well as accounts owned by individuals.

Read more on ThreatPost.

About the author: Dissent

Comments are closed.