Security News > 2020 > December > Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm's CRM customers

Unsecured Azure blob exposed 500,000+ highly confidential docs from UK firm's CRM customers
2020-12-18 15:32

A business app developer's unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal.

The blob also included FedEx shipment security documentation, internal complaints from foodstuffs firm Huel, an investment management firm, and countless others - and in at least one example seen by The Register a passport scan.

Files viewed by us as we tried to figure out which firm owned the blob - and notify it that it needed locking up - also contained highly sensitive medical data.

One Probase customer is Huel, the liquidised foodstuffs company, which used a complaints-tracking system that appeared to be fed into the unsecured Probase blob.

Azure blob security has historically had a lower profile than AWS S3 buckets.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/12/18/probase_unsecured_azure_blob/