Security Market Segment LS
Saturday, 18 November 2017 11:13

ABC leaks sensitive data through misconfigured S3 bucket Featured


The Australian Broadcasting Corporation has leaked data online through two improperly secured Amazon Web Services S3 repositories, according to the Kromtech Security Centre.

Researchers from the centre, which is part of MacKeeper Security, said they had found data connected to ABC Commercial, an ABC division that earns revenue for the broadcaster through retail and content sales and publishing.

The visible material included information about production services and stock files, not material that should be available to world+dog.

Kromtech said this was not the first time that the ABC had suffered a data breach, with the corporation's website having been hacked in 2013. At that time, the details of about 50,000 users were leaked online, including usernames, email addresses, password hashes, and other user details.

The current leak through AWS meant that the sysadmins at the ABC had misconfigured a repository and provided access to anyone with a browser who knew the URL.


A redacted screenshot of one of the user tables in MySQL database back-ups on the exposed repository, all publicly available.

Ironically, news of the ABC leak comes just a week after Amazon launched new S3 encryption and security features.

In the past, misconfigured S3 buckets have been found to be leaking data from global corporate consulting and management firm Accenture, publisher Dow Jones, a Chicago voter database, a North Carolina security firm, and a contractor for the US National Republican Committee.

The Kromtech researchers said they had launched an S3 inspector tool a month ago to help IT administrators to check AWS S3 buckets for security. "It’s been more than a year since we at Kromtech Security started alerting businesses and communities on dangers of having public access to S3 repositories," they said.

The leak contained the following, according to the researchers:

  • Several thousands emails, logins, hashed passwords for ABC Commercial users to access the ABC content (these include users who are well known members of the media);
  • Requests for licensed content as sent by TV and media producers from all over the world to use ABC’s content and pay royalties.
  • Secret access key and login details for another repository, with advance video content; and
  • 1800 daily MySQL database backups from 2015 to the present.

Kromtech said that the S3 bucket was indexed by Censys, a public search engine that allows researchers to query hosts and networks, and identified during a regular security audit of misconfigured S3 environment on 14 November.

Bob Diachenko, head of Communications at Kromtech, commented: “Security can not be ignored any more and and it is not just an organisation's reputation but the real data of customers, partners, or vital business information that is at stake with each new data breach."

Asked for comment, an ABC spokesman confirmed to iTWire that it had been notified of a data exposure on 16 November. "ABC technology teams moved to solve this issue as soon as they became aware," the spokesman added. The same information has also been posted on the ABC website.

Screenshot: courtesy Kromtech Security Centre


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments