An Amazon S3 bucket containing scans of about 119,000 US and foreign citizens' IDs and personal information was found by researchers.
The firm that owns the data, Bongo International, is owned by FedEx and supports North American retailers' and brands' online sales to customers abroad.
The AWS bucket contained over 112,000 files, unencrypted data, and customer ID scans from a wide range of nations, including the US, Mexico, Canada, many EU nations, Saudi Arabia, Kuwait, Japan, Malaysia, China, and Australia.
FedEx did not remove the S3 bucket until its presence was made public, despite Kromtech's best efforts to get in touch with them.
Source: https://securityaffairs.com/69152/data-breach/fedex-company-data-leak.html
TPRM report: https://scoringcyber.rankiteo.com/company/amazon-web-services
{
  "id": "ama350181223",
  "linkid": "amazon-web-services",
  "type": "Data Leak",
  "date": "02/2018",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'customers_affected': '119,000',
                        'industry': 'Logistics',
                        'location': 'Global',
                        'name': 'Bongo International',
                        'type': 'Private'}],
 'attack_vector': 'Misconfigured S3 Bucket',
 'data_breach': {'data_encryption': 'No',
                 'file_types_exposed': ['ID scans', 'Unencrypted data'],
                 'number_of_records_exposed': '119,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['ID scans',
                                              'Personal Information']},
 'description': 'An Amazon S3 bucket containing scans of about 119,000 US and '
                "foreign citizens' IDs and personal information was found by "
                'researchers. The firm that owns the data, Bongo '
                'International, is owned by FedEx and supports North American '
                "retailers' and brands' online sales to customers abroad. In "
                'the AWS bucket were over 112,000 files, unencrypted data, and '
                'customer ID scans from a wide range of nations, including the '
                'US, Mexico, Canada, many EU nations, Saudi Arabia, Kuwait, '
                'Japan, Malaysia, China, and Australia. FedEx did not remove '
                'the S3 bucket until its presence was made public, despite '
                "Kromtech's best efforts to get in touch with them.",
 'impact': {'data_compromised': ['ID scans', 'Personal Information'],
            'identity_theft_risk': 'High',
            'systems_affected': ['Amazon S3 Bucket']},
 'post_incident_analysis': {'corrective_actions': ['Removed the S3 bucket'],
                            'root_causes': ['Misconfigured S3 Bucket']},
 'response': {'containment_measures': ['Removed the S3 bucket']},
 'title': "Data Exposure of Bongo International's S3 Bucket",
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Misconfiguration'}