Like many organizations, Systema Software hosts their Software as a Service (SaaS) offering on Amazon Web Services (AWS) so that they don't need to manage their own hardware infrastructure. Just because you're hosted on someone else's platform doesn't mean you don't have to worry about the security of your system, and Systema Software found that out the hard way.
According to DataBreaches.net, a technology enthusiast was combing through subdomains of companies that host their services on AWS because he heard that organizations sometimes accidentally post data there. He was "rewarded" with a database backup that contained over 1.5 million records, including healthcare data, social security numbers, addresses, phone numbers, bank account numbers, usernames, and password hashes. He discovered the data on August 30th, and immediately reported the breach to the proper authorities. Luckily for everyone involved, the data was only accessed by this one person and he is working with authorities to ensure that it's properly scrubbed from his system.
There's an old saying in security that still rings true: As security increases, usability decreases. The opposite, however, is also true: As usability increases, security decreases. With everyone wanting their data to be available anytime, anywhere, from any device, we're improving the usability of systems but making them harder to secure.
Source: Databreaches.net via Gizmodo
Holographic cityscape in clouds against technical background with squares image via Shuttershock
3 Comments - Add comment