Second AWS Customer Breach in Two Days

Second AWS Customer Breach in Two Days

As I reported just this morning, a hack into an AWS customer, Code Spaces, yesterday caused the company to have to shut its doors due to the breach. The attack was accompanied by an extortion attempt and resulted in the loss of most of the data the company had been storing for customers. Despite supposed redundancy, the data is unrecoverable.

Today, two more services are under attack. Websolr and Bonsai have stated that their AWS account has been compromised and the intruder has had access to their AWS EC2 account.

The Bonsai server status page details the 5 hour blight, from intrusion to data restoration attempts.

Websolr is providing updates through its Twitter account, with the most current update showing that the full service restoration is going to take a while.

As I mentioned earlier, Amazon itself is not being blamed since AWS puts responsibility for lost or stolen credentials on the customer. However, it seems a bit strange that two very similar occurrences have hit AWS customers in such a short time frame. One has to think that a hacker, or team of hackers, are targeting customers of AWS and they may have figured out Amazon's protection schemes.  I could be wrong about that, but time will tell.

Perception of security, of course, is the biggest detractor of businesses deciding to go "all in" for the Cloud. Two successful hacks in two days is too much.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish