Breach Brief – U.S. Government, TimeWarner Cable, Instagram,
The personal information of thousands of U.S. citizens and employees holding security clearances up to Top Secret have been compromised.
The security breach was revealed by Chris Vickery Director of cyber risk research firm UpGuard. Vickery found the information of over 9,000 job application files on an un-secure Amazon Web Services S3 storage server that required no password to access.
The data included details about the past duties and responsibilities of thousands of federal employees. It is unclear if these people continue to work for the government, the U.S. Department of Defense and other agencies in the U.S. intelligence community.
Even so the information is extremely sensitive including personal information such as social security numbers, driver’s license and passport numbers, home addresses and other contact details. A leak of this magnitude represents a significant security failure that comes after a major government Office of Personnel Management (OPM) data breach in 2015.
In a statement Tiger Swan said, “We learned that our former recruiting vendor TalentPen used a bucket site on Amazon Web Services for the transfer of resumes to our secure server but never deleted them after our login credentials expired. Since we did not control or have access to this site, we were not aware that these documents were still on the web, much less, were publicly facing.”
Among the hundreds of exposed files UpGuard discovered were the resumes of people with Top Secret U.S. security clearances, other documents revealed details about Iraqi and Afghan nationals who cooperated with U.S. forces. Some of those exposed by this data breach were involved in highly classified military operations. To add insult to injury UpGuard stated that the highly sensitive information remained exposed even after it notified TigerSwan about the leak.
Spectrum Communications, owner of TimeWarner Cable, announced a data breach affecting the records of 4 million former customers. TimeWarner Cable (TWC) customer’s data were left unsecured on a cloud server last month. TWC and said there is no evidence of illegal activity on its former customer’s accounts. The company did however urge subscribers using the MyTWC app to change their user names and passwords as a precaution.
TimeWarner Cable provides cable television service to major metropolitan areas including New York, Boston, Chicago, St. Louis and major part of the Carolinas and throughout the country.
The breach was uncovered by a third party firm attempting to resolve a data breach at another company. According to reports, BroadSoft, a TWC partner and global communications provider may have accidentally configured an Amazon Web Services server to allow public access.
According to Bob Diachenko, chief communications officer at security vendor Kromtech, the error exposed over 600GB of sensitive data to the public internet.
“It is most likely that they were forgotten by engineers and never closed the public configuration. This would allow anyone with an Internet connection to access extremely sensitive documents,” he said.
A hack originally intended to target celebrities has instead impacted over six million Instagram user accounts.
Instagram sent out warnings of the hack after singer, Selena Gomez, appeared to be one of the first celebrity compromised. Hackers used a bug in the application programming interface (API), to access phone numbers and email addresses.
The news of the hack came after Instagram assured it users on August 30th that only celebrity accounts were targeted.
Instagram CTO, Mike Krieger released a statement acknowledging the scale of the breach; “We care deeply about the safety and security of the Instagram community, so we want to let you know that we recently discovered a bug on Instagram that could be used to access some people’s email address and phone number even if they were not public.”
Originally Instagram stated that only a “low percentage” of accounts were affected but quickly back tracked when hackers refuted the information. Instagram, which is owned by Facebook, then advised users how to protect themselves from such an attack. “Additionally, we’re encouraging you to report any unusual activity through our reporting tools,” Instagram said.
Some reports indicate that one of the accounts compromised includes that of President Donald Trump. That account is operated by White House social media team.