Home Resources Blog 500,000 Documents Exposed in Open S3 Bucket Incident

500,000 Documents Exposed in Open S3 Bucket Incident

An unprotected AWS S3 bucket exposed some 425 GB of data, representing approximately 500,000 documents related to MCA Wizard, an iOS and Android app developed by Advantage Capital Funding and Argus Capital Funding. According to vpnMentor researcher Noam Rotem, who led the team of researchers who found the open database, the app appears to be a tool for a Merchant Cash Advance (MCA), which provides relatively small, high-interest business loans typically made to small companies.

In a blog post, Rotem shared examples of the types of document found in the database, many of which seemed to have no relationship to the app itself. Information in the documents included credit reports, bank statements, contracts, legal documents, driver’s license copies, purchase orders and receipts, tax returns, Social Security information, and transaction reports.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Read more: Dark Reading

Latest Articles

Cloud Cost Optimization
4 Proven Ways to Minimize Your AWS MSK Cost

The very tools designed to streamline cloud operations can sometimes stretch budgets thin. One good example is managing the costs associated with Amazon Managed Streaming for Apache Kafka (MSK). While AWS MSK simplifies deploying and scaling Kafka clusters, the costs can stack up if not optimized. Here’s how you can rethink your AWS MSK deployment […]

3rd February, 2025
Cloud Security
Rotating Pen Test Vendors Isn’t the Best Approach: Here’s Why

How do organizations ensure their penetrating testing remains insightful and free from complacency? For many years, the answer was vendor rotation — the practice of changing pen test vendors every few years. But does this approach still make sense today? While it once served a crucial purpose, the administrative burden it creates can be significant. […]

30th January, 2025
Cloud Security
The Reconnaissance Playbook of a Kubernetes Attacker

As Kubernetes gained widespread adoption in production environments, it became more attractive to attackers. Its distributed and dynamic nature made it a favorite for scalable and flexible containerized applications, but it also introduced some vulnerabilities and misconfigurations that can be exploited. For an attacker looking to exploit a Kubernetes cluster, reconnaissance is a critical first […]

27th January, 2025
Cloud Cost Optimization
Complying with AWS’s RI/SP Policy Update: Save More, Stress Less

Shared Reserved Instances (RIs) and Savings Plans (SPs) have been a common workaround for reducing EC2 costs, but their value has always been limited. On average, these shared pools deliver only 25% savings on On-Demand costs—far below the 60% savings achievable with automated reservation tools. For IT and DevOps teams, the trade-offs include added complexity, […]

Itay Tal
5th December, 2024
Back to Resources

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services