Researchers find unsecured AWS server with 600GB of corporate data

Researchers from the company Kromtech Security Center have discovered an unsecured AWS server containing 600GB of data from various companies. Most of the data would come from the American cable company Time Warner Cable, which was acquired in 2016.

The company writes that the databases contain a total of 4 million records. The data includes usernames, MAC addresses, serial numbers, account numbers, addresses and telephone numbers. Below that would be the data of “hundreds of thousands” of TWC customers. Because this is a large amount of data, the researchers say it will probably take weeks to map everything.

The data belongs to the American company BroadSoft, which supplies communication software, among other things. The data therefore contains not only internal development data from TWC, but also from companies such as AMC and Bright House Networks, according to Kromtech. After the security firm notified BroadSoft, a contact denied that the data came from the company.

BroadSoft has since informed Gizmodo that it is indeed data from its customers, but that the data is “not very sensitive”. The company that acquired TWC in 2016, Charter Communications, tells the site that customers who have used the so-called MyTWC app may have been affected by the leak. It would therefore be advisable for those customers to change their password and username.

Kromtech assumes that the data could be accessed by ‘anyone with an internet connection’ due to a configuration error. The company found the data when it searched for servers with the word “test” in them. Shortly before that, it had found an unsecured test server of World Wrestling Entertainment. The researchers therefore suspect that there are many more such unsecured AWS buckets to be found. It is not the first time that data has been leaked in this way, for example the data of 198 million American voters.