HomesecurityAWS Bucket exposed data from hundreds of social media influencers

AWS Bucket exposed data from hundreds of social media influencers

According to researchers security, a cloud storage bucket with the wrong configuration was discovered, that is responsible for leakage personal information of hundreds of social media influencers.

social media influencers

A team of him vpnMentor discovered this AWS S3 bucket, which was open, without encryption or password access. The discovery was made in early November. What is worrying is that the company that is responsible (21 Buttons) has not done anything yet.

Various social media influencers upload their photos to application of the company and are associated with e-commerce stores, where the users can buy the clothes that influencers wear in the photos.

AWS Bucket

According to vpnMentor, 21 Buttons has about two million active users per month and collaborates with some of the largest brands in Europe.

According to the researchers, the AWS S3 bucket has exhibited at least 50 million files, which are mainly photos and video of influencers, but also hundreds invoices which are said to be related to payments of social media stars.

The personal information exposed include: full names, zip codes, bank details, IDs, PayPal email addresses, etc.

Among the social media influencers whose data were exposed are: Carlota Weber Mazuecos, Freddy Cousin Brown, Marion Caravano, Irsa Saleem and Danielle Metz. They all have millions of followers.

The vpnMentor team warned that if cybercriminals obtain the exposed personal information, influencers will be in a very difficult position, as their data can be used to Phishing and other scams, such as identity theft or bank fraud.

"If the invoices are exposed online, criminals will have plenty of material to identify influencers' private accounts, and they will be able to determine where their homes and workplaces are." they said Investigators.

"This means that the people affected are not only vulnerable to phishing and scams. There is also a risk of privacy breach, doxing, stalking and harassment - both online and offline".

Source: Infosecurity Magazine

Digital Fortress
Pursue Your Dreams & Live!