Capital One data breach affected over 106 million people, 140,000 Social Security numbers, 80,000 bank account numbers,1,000,000 Social Insurance Numbers ... The breach had taken place about 4 months back however it took some time before the breach was realised, in-fact it took an external tip for Capital One to realise something had happened.
The legal case built was quite interesting. Before I share the legal case link heres a short summary just in-case you dont know all the deatils of the breach.
Short Synopsys Of What Happened:
- Paige Thompson copied and downloaded 700 different S3 buckets
- Paige was able to access a server that had a misconfigured firewall
- She accessed EC2 Instance in the server through an opening in the firewalls
- Since the Server's
IAM Rolepermitted the access to S3 of 700+ Buckets, she could access them - Now she just ran the "List Buckets" command and the "Sync" command from the AWS CLI
>>Here is a link to the legal case that has been built: Legal Case Link
Learnings From The Breach:
This breach might cost Capital One $150 Millions and on top of that the loss of brand/face ...
- Audit your security regularly
- Monitor misconfigured infrastructure like "open S3 buckets"...etc
Comments