
Verizon exposes estimated 6 mil records of customers. S3 bucket misconfig again - Cirith_Ungol
Looks like a third-party firm, NICE Systems, left an S3 bucket externally accessible. The data included PIN codes and phone numbers, which are used to verify customers. This info could be used to impersonate a customer and get a new SIM card. With the SIM card, the impostor could hijack the customer&#x27;s phone and hack into personal and corporate accounts that use 2FA. Here&#x27;s the full article: https:&#x2F;&#x2F;www.upguard.com&#x2F;breaches&#x2F;verizon-cloud-leak
======
graystevens
Currently doing something similar - I'm scanning over 1 million buckets
looking for vulnerabilities and misconfigurations. I've already found and
responsibly disclosed a number of public buckets containing user data or
information that simply shouldn't be public.

I shall put a blog post together once the scan is complete, and post it here
for reference.

------
Cirith_Ungol
Clickable: [https://www.upguard.com/breaches/verizon-cloud-
leak](https://www.upguard.com/breaches/verizon-cloud-leak)

