Data breach exposes need to secure cloud servers


A data breach at a recruitment company exposed by GlobalData’s Verdict has underlined the need for companies to check cloud servers are secure.

An unsecured Amazon Web Services S3 bucket meant that the personal data of more than 17 000 individuals was left exposed by recruitment company Crew and Concierge, Verdict reports.

GlobalData technology editor Lucy Ingham says: “There are also vital lessons for companies handling this type of data.

“Misconfigured cloud servers are a common source of breaches, despite the fact that many services, including those provided by AWS, are secure by default.

“It is essential that companies using such products ensure they have the correct security settings in place, particularly recruiters and others handling sensitive personal data.

“This is the second data breach to impact the yachting industry this year. Less than a week ago, the Royal Yachting Association informed its members that an unauthorised party may have accessed its membership database.”