Amazon RDS Snapshots Expose Sensitive Data


Researchers have found leaks in the form of publicly shared Amazon RDS snapshots.

Amazon RDS, a cloud-based backup service, can leak personally identifiable information (PII) to the public Internet, reports Elizabeth Montalbano.

The vulnerability was found by the Mitiga Research Team, which discovered numerous Amazon RDS snapshots being shared publicly, Montalbano says. “Some of the exposures last for months, and some for just a short period of time, in both cases potentially allowing threat actors to take advantage,” the researchers noted in a recent blog post.

"These snapshots can be shared across different [Amazon Web Services] accounts – in or out of the on-premises organization, as well as AWS accounts that make the RDS snapshots publicly available," the researchers said. "With that, one might unintentionally leak sensitive data to the world, even if you use highly secure network configuration."

Read more at Dark Reading.


Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.