December 11, 2023

A misconfigured AWS S3 bucket containing a massive trove of data belonging to a USA-based education publishing firm, McGraw Hill, found leaking the data.

McGraw Hill is among the top three educational content publishers in the United States, widely used by educational institutions across Canada, for facilitating online classes.

Advertisements

The researchers discovered one non-production bucket containing over 69 million documents and 10TB+ of data and one production bucket containing 12TB+ of data. In total, 22TB of data was exposed, and the buckets contained 117 million files. The buckets were discovered on 12 June 2022. Researchers contacted McGraw Hill and received the response on 9th July 2022.

Approximately 100 thousand students could be exposed to numerous online attacks due to this data breach. Their private data, such as personal details and grades, could be at risk, and anyone could access it using a web browser.

The data exposure might have a far-reaching impact because users worldwide are affected by this exposure. However, it is unclear whether the servers were accessed by a third party with malicious intent or not.

Advertisements

Nevertheless, at the time of publishing this article, both exposed servers had been secured, Researchers from vpnMentor’s non-stop alerts to concerned authorities.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone Security Week In Review – December 2nd & 10th, 2023

December 10, 2023

5Ghoul Vulnerabilities affects 5G devices

December 10, 2023

Microsoft EDGE Browser Critical Sandbox Escape Vulnerability – CVE-2023-35618

December 9, 2023

WordPress POP CMS Vulnerability

December 9, 2023

Apache Struts fixes Critical Vulnerability – CVE-2023-50164

December 8, 2023

Meta enables Messenger with E2EE by Default

December 8, 2023 2
%d