Whoops. MacKeeper researcher Chris Vickery spotted the exposed data on March 31st while running searches against the s3.amazonaws.com domain. The unencrypted domain included 59,000 rows of data including sensitive stuff like SSN’s and internal data such as unencrypted credentials for credit report sites. On a plus side, after being informed, the database was secured quickly, but it shouldn’t have happened in the first place.
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere.