Capita confirms it has now secured the bucket and data only contained 'release notes and user guides.'
Capita left a trove of data exposed online for seven years, exposing multiple files.
According to TechCrunch, a security researcher (requesting anonymity) discovered an unprotected Amazon-hosted storage bucket, which had been exposed to the internet since 2016, and contained approximately 3,000 files totaling 655GB in size.
The exposed data included software files, server images, numerous Excel spreadsheets, PowerPoint presentations and text files, according to a sample of filenames reviewed by TechCrunch.
One of the text files contained login details for one of Capita’s systems, the security researcher found, and some filenames suggested data was being uploaded to the exposed bucket this year.
There was no password on the bucket, allowing anyone who knew the easy-to-guess web address access to the files.
The bucket has now been secured by Capita, and spokesperson Elizabeth Lee told TechCrunch that the unsecured bucket contained "information such as release notes and user guides, which are routinely published alongside software releases in line with standard industry practice.”
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Streamlining the lifecycle of joiners, movers, and leavers using no-code automation
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
