An insurance software provider exposed clients’ sensitive data that it had stored on an Amazon Simple Storage Solution (S3) bucket.
Andrew Lech, founder of AgentRun, confirmed the breach in an email sent out to the insurance agency management software company’s clients. As quoted by ZDNet:
We were migrating to this bucket during an application upgrade and during the migration the permissions on the bucket were erroneously flipped.
At the time of discovery, the S3 bucket in question lacked password protection and was accessible to anyone. A bad actor could have therefore examined its contents, which included medical information, financial details and insurance policy documents. Many of those items contained people’s personally identifiable information (PII) including their names, addresses, dates of birth, phone numbers, Social Security Numbers, Medicare cards and even their bank checks in a few instances.
In total, the leak compromised thousands of files involving Cigna, TransAmerica, SafeCo Insurance, Schneider Insurance, Manhattan Life and Everest.
The insurance software provider closed the leaky bucket within an hour of disclosure.
AgentRun wasn’t the first victim of an S3 storage breach. In 2017, the Pentagon, Verizon, the National Federal Credit Union and others all suffered similar incidents.
To prevent a S3 storage breach, many organizations now realize the importance of evaluating the configuration settings for their S3 buckets and other cloud-based storage assets. Some methods aren’t as effective as others. Manual evaluation processes, for example, often require lots of time and resources, and they can still miss crucial gaps.
Organizations shouldn’t leave anything up to chance when it comes to their S3 buckets. Instead they should look into a solution like Tripwire’s Cloud Management Assessor that automatically checks to see if any S3 storage files are exposed.
Learn more about how Tripwire’s solution helps secure S3 buckets and similar storage assets by downloading this datasheet.