Submitted via IRC for AndyTheAbsurd
An Amazon Web Services (AWS) S3 cloud storage bucket containing information from data analytics firm Alteryx has been found publicly exposed, comprising the personal information of 123 million US households.
[...] The 36 GB data file titled "ConsumerView_10_2013" contained over 123 million rows, each one signifying a different American household. A similar file was seen by UpGuard when the personal details of 198 million American voters, compiled in a dataset by a data firm used by the Republican National Committee, were exposed.
[...] Default security settings for S3 buckets usually allow only authorised users to access the contents; however, UpGuard reports the bucket was configured via permission settings to allow any AWS "Authenticated Users" to download its stored data.
Authenticated users are any user that has an AWS account.
[...] Alteryx took ownership for the bucket after it had secured it, UpGuard said, with an Alteryx spokesperson playing down the leak to Forbes.
"Specifically, this file held marketing data, including aggregated and de-identified information based on models and estimations provided by a third-party content provider, and was made available to our customers who purchased and used this data for analytic purposes," the spokesperson is quoted by Forbes as saying. "The information in the file does not pose a risk of identity theft to any consumers."
Source: Alteryx S3 leak leaves 123m American households exposed
(Score: 4, Touché) by c0lo on Wednesday December 20 2017, @07:54PM (1 child)
Why do you hate profit?
Ah, you're commie. That explains why. Carry on, then (just beware TMB)
(sarcastic grin)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Thursday December 21 2017, @06:34PM
Why are the people in it not permitted to have a copy, unless of course it's via an unintended disclosure like this situation?
Even FB is required to do so if you ask, and they do so in the worst most unuser friendly methods possible. It's like they designed the ways to most piss off people if they have to do this.
just make sure to ask for that before deleting your account.
then later ask for it again after the account has been 'deleted'.