Saturday, December 2, 2023

Box Data Leak – Terabytes of Data Exposed from Companies Using cloud based Box Accounts

Box is a cloud management system as like AWS S3 buckets, to manage and access your data. You can place the files in the Box storage and it can be shared to anyone through links.

The data leak is not due to a bug or vulnerability, the problem is with the account administrators who created files/folders link to be accessible by public instead of giving access to only the People in their company.

Cyber-security firm Adversis, identified thousands of Box customer sub-domains through their standard intelligence gathering techniques, they discovered hundreds of thousands of documents and terabytes of data exposed across hundreds of customers.

Following are the sample Data found:

  1. Hundreds of Passport Photos
  2. Social Security and Bank Account Numbers
  3. High profile technology prototype and design files
  4. Employees lists
  5. Financial data, invoices, internal issue trackers
  6. Customer lists and archives of years of internal meetings
  7. IT data, VPN configurations, network diagrams

“we intended to reach out to all the companies affected but we quickly realized that was impossible at this scale. We alerted a number of companies that had highly sensitive data exposed, reached out directly to Box.”

The publically accessible data with BOX is more worse than the S3 public bucket issue, because the s3 has long names and difficult to guess, but with BOX account’s it is easy. The BOX url should be something like this

https://[.]app.box[.]com/v/<file/foldername

Box Accounts Administrators configure Shared Link default access to ‘People in your company’ to reduce accidental creation of public.

You can Check out https://github.com/adversis/PandorasBox. Pandora’s Box will take a list of companies, find the ones that have a valid box account and begin to scan for exposed files and folders. adversis researchers said.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Citrix Hacked – Terabytes of Sensitive data Stolen by Iranian Hackers

SBI Data Leak – Millions of Customers Data Leaked From Unsecured Server

NASA Data Leak – Internal App Leaked NASA Staff and Project Sensitive data

Hundreds of German politicians Private & Sensitive Data Leaked Online

Thousands of US Voters Personal Data Leaked Online Again

Website

Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles