Security researchers at Website Planet reportedly discovered an unsecured Amazon S3 bucket containing sensitive information belonging to millions of people. The information inside the bucket included personally identifiable information (PII) of millions of individuals stored in 6,000 files. The data exposed in the bucket was over 1GB of files. According to Website Planet, 99% of the data belongs to American residents and the remaining amount belongs to people living in Canada. Researchers released a blog post regarding the security failure and determined that the bucket was the property of Beetle Eye, a marketing and CRM company based in Florida.
Researchers determined that the bucket belonged to Beetle Eye after discovering references to the company inside the unsecured bucket. Beetle Eye boasts a wide range of clients, including Hilton Sandestin Beach, Grand Junction Colorado, the Marigot Bay resort, and more. The bucket was reportedly left unsecured due to poor configuration attempts. There was no password protection or encryption that had been enabled to secure its contents. Information in the files includes phone numbers, email addresses, survey question answers, addresses, and more.
Read More: Marketing Firm Exposes Lead Data