Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing “dozens of terabytes” of social media posts and similar pages – all scraped from around the world by the US military to identify and profile persons of interest.
The archives were found by UpGuard’s veteran security-breach hunterChris Vickery during a routine scan of open Amazon-hosted data silos, and the trio weren’t exactly hidden. The buckets were named centcom-backup, centcom-archive, and pacom-archive.
CENTCOM is the common abbreviation for the US Central Command, which controls the army, navy, air force, marines and special ops in the Middle East, north Africa and central Asia. PACOM is the name for US Pacific Command, covering the rest of southern Asia, China and Australasia.
Source: The Register