Security News > 2020 > February > Private photos leaked by PhotoSquared’s unsecured cloud storage
After coming across thousands of photos seeping out of an unsecured S3 storage bucket belonging to a photo app called PhotoSquared, security researchers at vpnMentor blurred a few.
VpnMentor's Noam Rotem and Ran Locar note that PhotoSquared's failure to lock down its cloud storage has put customers at risk of identity theft, financial or credit card fraud, malware attacks, or phishing campaigns launched with the USPS or PhotoSquared postage data arming phishers with the PII they need to sound all that much more convincing.
By combining a customer's home address with insights into their personal lives and wealth gleaned from the photos uploaded, anyone could use this information to plan robberies of PhotoSquared users' homes.
PhotoSquared customers could also be targeted for online theft and fraud.
The leaky PhotoSquared app is just the most recent story about misconfigured cloud storage buckets.