TigerSwan, the S*umbag mercenaries who stalked #StandingRock Doxed

Razer g2s at riseup.net
Sat Sep 2 18:11:40 PDT 2017


On 09/02/2017 05:49 PM, grarpamp wrote:
> On Sat, Sep 2, 2017 at 7:51 PM, Razer <g2s at riseup.net> wrote:
>> http://www.zdnet.com/article/thousands-of-sensitive-mercenary-resumes-exposed-after-server-security-lapse/
>> http://gizmodo.com/thousands-of-job-applicants-citing-top-secret-us-govern-1798733354
> These types of "news" are fakeass lookatme shitnews without
> useful actionable doc dumps. Of course Top Secret infiltrators happen.
> Beware.

They were never hacked (except apparently by the people who reported it)
and released.. They were just sitting there for the public if found. OK
so maybe it's more formally a Security Breach than a dox but "UpGuard",
linked to at the ZDNet article has some details, and screenshots
(black-barred details) on-page. It's noted that some of the scumbag
Iraqis and Afghani "immigrants" who interpreted the tortured screams of
their fellow citizens at some Caci-CIA operated secret torture chamber
were in the dox... Hoping they die first.

https://www.upguard.com/breaches/cloud-leak-tigerswan

> On July 20th, 2017, UpGuard Director of Cyber Risk Research Chris
> Vickery discovered an Amazon Web Services S3 data storage bucket
> configured for public access, located at the AWS subdomain
> “tigerswanresumes.” UpGuard notified TigerSwan of the exposure by
> email on July 21st and then followed up by phone and email again on
> July 22nd. During the phone engagement on July 22nd, TigerSwan told
> Mr. Vickery that they were working with Amazon to secure the data.
> Upguard placed a follow-up call to TigerSwan’s IT helpdesk on August
> 10 after observing that the resume files remained unsecured. During
> that conversation, a TigerSwan representative admitted to being unsure
> as to why the bucket remained exposed and vowed to bring it to the IT
> director’s attention. The files were not secured until August 24,
> 2017. TigerSwan subsequently told UpGuard that the files were left
> unsecured by a former recruiting vendor.
>
> Within the repository, publicly accessible to any internet user
> accessing the S3 bucket’s URL, is a folder titled “Resumes,” last
> backed up or uploaded in February 2017. Inside this “Resumes” folder
> are 9,402 documents, in varying file formats and with no naming
> conventions employed for the file names. While this lack of uniformity
> perhaps indicates the documents were unchanged since being submitted
> by a large pool of applicants, the file names and contents leave no
> question as to the nature of the data— resumes and application forms
> submitted for positions with TigerSwan.





More information about the cypherpunks mailing list