March 31, 2023

A misconfigured AWS S3 bucket containing a massive trove of data belonging to a USA-based education publishing firm, McGraw Hill, found leaking the data.

McGraw Hill is among the top three educational content publishers in the United States, widely used by educational institutions across Canada, for facilitating online classes.

Advertisements

The researchers discovered one non-production bucket containing over 69 million documents and 10TB+ of data and one production bucket containing 12TB+ of data. In total, 22TB of data was exposed, and the buckets contained 117 million files. The buckets were discovered on 12 June 2022. Researchers contacted McGraw Hill and received the response on 9th July 2022.

Approximately 100 thousand students could be exposed to numerous online attacks due to this data breach. Their private data, such as personal details and grades, could be at risk, and anyone could access it using a web browser.

The data exposure might have a far-reaching impact because users worldwide are affected by this exposure. However, it is unclear whether the servers were accessed by a third party with malicious intent or not.

Advertisements

Nevertheless, at the time of publishing this article, both exposed servers had been secured, Researchers from vpnMentor’s non-stop alerts to concerned authorities.

Tags:

Leave a Reply

You may have missed

Microsoft Patches BingBang Cloud Vulnerability Exposing O365 Data

Microsoft Patches BingBang Cloud Vulnerability Exposing O365 Data

March 30, 2023
Microsoft Defender Reports Zoom and Google as malicious

Microsoft Defender Reports Zoom and Google as malicious

March 30, 2023
Cisco Acquiring Lightspin

Cisco Acquiring Lightspin

March 30, 2023
APT-43 Elite North Korean Group

APT-43 Elite North Korean Group

March 29, 2023
Microsoft AI Security Copilot

Microsoft AI Security Copilot

March 29, 2023
Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
%d bloggers like this: