Skip to main content
close search
site logo
Dive Brief

Open servers reveal 1.8B social media records collected by DOD

Published Nov. 21, 2017
Samantha Schwartz's headshot
Samantha Schwartz Reporter
CC0 Public Domain Free for commercial use No attribution required Pixabay

Dive Brief:

  • The Department of Defense (DOD) had three open Amazon Web Services S3 cloud storage buckets, which left 1.8 billion social media records exposed, UpGuard found in September. The records had been collected by the U.S. Central Command and U.S. Pacific Command.
  • UpGuard, a security firm, was able to locate the open servers and data because a DOD contractor left them reachable to anyone that holds an AWS account. If decompressed, the files could be located through keyword and partial word searches in different languages.
  • The compromised records were collected from 2009 to 2015 and "'scraped' from the public internet." The origin, nature and web addresses from the posted content accompanied the exposed information, according to UpGuard. It is unknown "how or why" the data was collected. 

Dive Insight:

The DOD's mishap is just another drop in the open S3 bucket. The collection of the public's social media is not surprising to most. The use of third party vendors remain inevitable, but the negligent approach to storing it is cause for distress.

The report found that the data included common, everyday social media activity. Ultimately, comments on Facebook, YouTube and Twitter are public, but their collection is "used for measurement and engagement activities" for websites, according to Major Josh Jacques, spokesperson for U.S. Central Command, reports CNN.

The same is true for the private sector. This year saw World Wresting Entertainment compromise about three million fans in July because of two open servers. Verizon also experienced a data leak, impacting 14 million customers, after one of its S3 buckets was marked for external access.

The realization of the government monitoring the public's data and online activity brings to mind the case of Edward Snowden, but now it is a question of security practices. As the government continues to accumulate troves of data, the cloud is the only way to store and sort it. But privacy remains a sensitive issue, even for companies willing to surveil its employees for their "value."

Recommended Reading

Filed Under: Cloud, Security

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
A10 Networks Outlines Blueprint to Secure and Deliver AI Applications and Help Increase Cyber …
From A10 Networks
October 16, 2024
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
Celonis Business Collaboration Networks Drive Process Improvement Across Company Boundaries
From Celonis
October 23, 2024
Editors' picks
Latest in Cloud
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell