The personal information of 123 million households in the US may have been compromised after an Amazon Web Services (AWS) cloud storage “bucket” was left exposed, according to a report.
ZDNet reported on Tuesday that information from “data analytics firm Alteryx has been found publicly exposed” in the cloud storage bucket, “comprising the personal information of 123 million US households.”
“The 36 GB data file titled ‘ConsumerView_10_2013’ contained over 123 million rows, each one signifying a different American household,” they explained. “To highlight the breadth of the issue, UpGuard said the exposed data reveals over 3.5 billion fields of personally identifying details and data points about virtually every American household, including racial and ethnic information.”
ZDNet noted, “The spreadsheet uses anonymised identifiers, but the information in the other few billion fields are very detailed.”
“Default security settings for S3 buckets usually allow only authorised users to access the contents; however, UpGuard reports the bucket was configured via permission settings to allow any AWS ‘Authenticated Users’ to download its stored data,” the report explained.
In September, the United States Department of Defense granted permission to Amazon Web Services to host the “highest level of unclassified information” on their cloud.
Earlier this year, a number of prominent websites were also temporarily forced offline after Amazon Web Services suddenly went down.