An unsecured Amazon AWS bucket configuration has exposed exclusive information near the world's leading host provider companionship GoDaddy.
In June, cybersecurity theatre UpGuard’s need a opportunity analyst Chris Vickery establish out files containing
detailed server information was stored within an unsecured S3 bucket, a cloud storage service provided by Amazon Web Services.
Looking into the database "abbottgodaddy," he revealed that it contains multiple versions of information which mightiness instruct over 31,000 GoDaddy systems.
According to UpGuard, the leaked information had architectural details likewise equally "high-level configuration information for tens of thousands of systems as well as pricing options for running those systems inward Amazon AWS, including the discounts offered nether dissimilar scenarios."
Exposed details include configuration files for hostnames, operating systems, workloads, AWS regions, memory, as well as CPU specifications.
"Essentially, this information mapped a real large scale AWS cloud infrastructure deployment, amongst 41 dissimilar columns on private systems, likewise equally summarized as well as modeled information on totals, averages, as well as other calculated fields," the cybersecurity theatre said.
Meanwhile, Amazon has issued a clarification, stating that no GoDaddy client information was stored inward the exposed S3 bucket:
"The bucket inward inquiry was created past times an AWS salesperson to shop prospective AWS pricing scenarios spell working amongst a customer. No GoDaddy client information was inward the bucket that was exposed. While Amazon S3 is secure past times default as well as bucket access is locked downward to merely the work concern human relationship possessor as well as rootage administrator nether default configurations, the salesperson did non follow AWS best practices amongst this especial bucket.”
