Israeli data manager had data breach that affected unknown number of large companies
Security researchers have found three unsecured Amazon S3 buckets from Israeli Attunity. It concerns a TB of data, three quarters of which are backups of e-mails. Not all affected companies are disclosed, but Attunity has large customers.
On Attunity’s website, the company reports that it provides services to 44 of the Fortune 100, as well as more than 2,000 customers. Names it mentions include Philips, Ford and Mercedes. The report, which comes from UpGuard, also includes Netflix. Attunity migrates and manages data for its customers and does analytics.
The backups of the e-mail, but also the other files here and there contain usernames and passwords of administration accounts, but also invoices, OneDrive backups, specifications of customer systems and personal data of employees, including that of Attunity itself. The employee numbers were probably just copies of their social security numbers. Finally, customer data and data from companies that trade with the companies involved were also included.
The leak was discovered by UpGuard on May 13 of this year and security specialists contacted Attunity on May 16. The leak was repaired the next day. Attunity has not commented on the leak on its website or social channels.