Dow Jones suffers massive sensitive information leaking

Because of a configuration error in Amazon Web Services, the company exposed highly sensitive information

According to network
and ethical hacking specialists from the International
Institute of Cyber Security, Dow Jones has become the most recent victim of
confidential information exposure due to configuration errors of its cloud
storage service. According to reports, a poor configuration on its platform at Amazon
Web Services
(AWS) resulted in the company’s critical information

Bob Diachenko, an independent network security
specialist, discovered the huge set of compromised Dow Jones information in an
Elasticsearch cluster. According to the investigator, the compromised
information consists of about 4 GB of company data, and was available for the
public access to anyone with sufficient knowledge to access these online

The network security expert highlights that the
dataset contains about 2.5 million records showing confidential information,
such as:

  • Information
    related to politically exposed people, their relatives, close associates and
    associated companies
  • Lists
    and categories of sanctions from national and international governments
  • Persons
    who are officially linked or charged with serious crimes
  • Notes
    made by Dow Jones

“The list includes politically relevant
characters, citizens with criminal history, and possible links to terrorist
organizations, and even companies sanctioned for high-profile financial crimes”,
mentions a statement from an authority Regulatory in the public relations
market. Exposed records include names, addresses, location data, birth dates,
genres, and even photographs.

A Dow Jones official pronouncement is still

To Top

Pin It on Pinterest

Share This