Exploit: Misconfiguration
Civicom Inc.: Business Services
Risk to Business: 2.017 = Severe
Civicom is in hot water after leaving 8 TB of data exposed in an unsecured AWS S3 bucket. The New York-based company specializes in virtual conferencing facilitation, transcription and research services. With offices in the United States, the Philippines and the United Kingdom. Ultimately, Civicom exposed records containing more than 100,000 files including thousands of hours of audio and video recordings containing private conversations as well as written transcripts of meetings and calls by the company’s clients.
Individual Impact:
No specifics about consumer/employee PII or financial data loss were available at press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: This is not an uncommon mistake, but it’s always a problem and could be an expensive regulatory disaster in some industries
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.