On 09/02/2017 05:49 PM, grarpamp wrote:
On Sat, Sep 2, 2017 at 7:51 PM, Razer <g2s@riseup.net> wrote:
http://www.zdnet.com/article/thousands-of-sensitive-mercenary-resumes-expose... http://gizmodo.com/thousands-of-job-applicants-citing-top-secret-us-govern-1... These types of "news" are fakeass lookatme shitnews without useful actionable doc dumps. Of course Top Secret infiltrators happen. Beware.
They were never hacked (except apparently by the people who reported it) and released.. They were just sitting there for the public if found. OK so maybe it's more formally a Security Breach than a dox but "UpGuard", linked to at the ZDNet article has some details, and screenshots (black-barred details) on-page. It's noted that some of the scumbag Iraqis and Afghani "immigrants" who interpreted the tortured screams of their fellow citizens at some Caci-CIA operated secret torture chamber were in the dox... Hoping they die first. https://www.upguard.com/breaches/cloud-leak-tigerswan
On July 20th, 2017, UpGuard Director of Cyber Risk Research Chris Vickery discovered an Amazon Web Services S3 data storage bucket configured for public access, located at the AWS subdomain “tigerswanresumes.” UpGuard notified TigerSwan of the exposure by email on July 21st and then followed up by phone and email again on July 22nd. During the phone engagement on July 22nd, TigerSwan told Mr. Vickery that they were working with Amazon to secure the data. Upguard placed a follow-up call to TigerSwan’s IT helpdesk on August 10 after observing that the resume files remained unsecured. During that conversation, a TigerSwan representative admitted to being unsure as to why the bucket remained exposed and vowed to bring it to the IT director’s attention. The files were not secured until August 24, 2017. TigerSwan subsequently told UpGuard that the files were left unsecured by a former recruiting vendor.
Within the repository, publicly accessible to any internet user accessing the S3 bucket’s URL, is a folder titled “Resumes,” last backed up or uploaded in February 2017. Inside this “Resumes” folder are 9,402 documents, in varying file formats and with no naming conventions employed for the file names. While this lack of uniformity perhaps indicates the documents were unchanged since being submitted by a large pool of applicants, the file names and contents leave no question as to the nature of the data— resumes and application forms submitted for positions with TigerSwan.