Misconfigured AWS Bucket Exposes Hundreds of Social Influencers
Phil Muncaster UK / EMEA News Reporter , Infosecurity Magazine
A misconfigured cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at risk of fraud and harassment, according to researchers.
A team at vpnMentor discovered the AWS S3 bucket wide open with no encryption or password protection, back in early November. Action has apparently yet to be taken by the company responsible, Barcelona-based “social commerce” company 21 Buttons.
For a commission, influencers upload their photos to the firm’s app and link to the e-commerce stores where users can buy the clothes they’re wearing.