Website Planet researchers report the finding of a data breach affecting D.W. Morgan, a U.S.-based multinational logistics firm. According to the report, the leak is due to an Amazon Web Services (AWS) bucket completely exposed online, accessible without any security measures.
The database contained more than 100 GB worth of data with 2.5 million files detailing financial, shipment, transportation, personal and sensitive records of fortune 500 companies leaked.
The exposed AWS bucket included five folders storing five specific file classifications, the researchers were able to detect:
- Transportation plans and agreements
- Process photos
- Attachments
- Signatures
- Unidentified documents
Below we will give a brief review of the characteristics of each folder exposed during this incident.
Transportation plans and agreements
This first folder includes data on the company’s transportation plans and agreements; this information includes the agreed course of action for delivery drivers, warehouse and security personnel. Among the exposed records are:
- Process details
- Facility locations
- Full names
- Customers’ business email addresses
Process Photos
This folder stored at least 800,000 illustrative images about various parts of the shipping process at the company. These images were probably captured by employees to record shipments and documents.
Attachments
It includes all kinds of invoices, shipping labels, and packing lists that are likely to come from the company’s email systems. In total, there were more than 10,000 of these files in this specific folder.
Signatures
Although many details about the signatures found in the bucket are unknown, they are likely related to the multiple delivery processes in the company. The folder stores more than 4.5 million files.
Unidentified documents
More than 100,000 files that appear unrelated to each other, though they include personally identifiable information and corporate customer details.
Investigators immediately notified the company, which rushed to revoke insecure access to the compromised information. However, it is unknown how long this information may have been exposed.
As in any other similar incident, affected employees and corporate customers could be exposed to phishing attacks, identity fraud and complex social engineering campaigns, so it is critical that the company implements the necessary prevention mechanisms to address the incident.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.