s3 / Boing Boing

/ SUBMIT / SEARCH / STORE /

Blog : Show me the posts

Forums : But read the community guidelines

Shop : A Directory of Wonderful Products

About Us : Editors, Contributors and Staff

Advertise Here : Thank you for not blocking ours

Cory Doctorow / 10:26 am Thu, Jul 11, 2019

A prolific credit-card theft ring is scanning for unsecured "buckets" in Amazon's cloud and has compromised 17,000 domains (so far)

Magecart is the hacker gang that pulled off the British Airways and Ticketmaster credit-card heists; now they've build an Amazon cloud scanner that systematically probes S3 storage "buckets" for configuration errors that allow them to overwrite any Javascript files they find with credit-card stealing malware. Read the rest

Cory Doctorow / 11:31 am Wed, Apr 3, 2019

540 million Facebook users' data exposed by third party developers

The Mexican media company Cultura Colectiva and an app called "At the Pool" used their access to their users Facebook data to make local copies of it, then left that data exposed, in the clear, without a password, on the public internet -- 540 million records in all, stored in publicly accessible Amazon S3 buckets. Read the rest

Read the rules you agree to by using this website in our Terms of Service.

We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.

Boing Boing uses cookies and analytics trackers, and is supported by advertising, merchandise sales and affiliate links. Read about what we do with the data we gather in our Privacy Policy.

Who will be eaten first? Our forum rules are detailed in the Community Guidelines.

Boing Boing is published under a Creative Commons license except where otherwise noted.

From the Boing Boing Shop

Follow Us

Twitter / Facebook / RSS

A prolific credit-card theft ring is scanning for unsecured "buckets" in Amazon's cloud and has compromised 17,000 domains (so far)

540 million Facebook users' data exposed by third party developers

From the Boing Boing Shop

Follow Us

Twitter / Facebook / RSS

A prolific credit-card theft ring is scanning for unsecured "buckets" in Amazon's cloud and has compromised 17,000 domains (so far)

SHARE / TWEET / 8 COMMENTS

amazon / aws / cloud / crime / infosec / magecart / s3 / security / skimming

540 million Facebook users' data exposed by third party developers

SHARE / TWEET / 12 COMMENTS

amazon / at the pool / cultura colectiva / eternal data valdez / facebook / privacy / s3 / upguard