Thursday, July 25, 2024

Pentagon’s Data Leak Exposed 1.8 Billion of Social Media Surveillance Data

Pentagon Data Leak, other three Amazon Web Services S3 cloud storage buckets that contain social media surveillance data configured in the way that users with free AWS account can read and download the contents.

Leaked data consist of billions of public internet posts, news commentary and other writings from individuals from the US and other Countries.

Leaked data in one of the three buckets consist of more than 1.8 billion posts of content that captured around 8 years. It includes data collected from comment sections, web forums, and social media sites like Facebook.
Pentagon Data Leak
Source: UpGuard

Pentagon Data Leak Discovery

UpGuard Director of Cyber Risk Director Chris Vickery discovered these buckets with subdomain “CENTCOM-backup,” “CENTCOM-archive,” and “pacom-archive”, where the CENTCOM refers to the US command center.

Also with further investigation, they identified a settings table in “CENTCOM-backup” in bucket operated by VendorX who building Outpost for CENTCOM and defense department.

We found a folder, titled “scraped,” contains an enormous amount of XML files consisting of internet content “scraped” from the public internet since 2009 to 2015; the other CENTCOM bucket, “archive,” would be found to contain more such data, collected from 2009 to the present day.Upguard says.
Pentagon Data Leak
Source: UpGuard

Another bucket “CENTCOM-archive” contains the same set of XML file formats as like “CENTCOM-backup”. Posts stored in different languages with an emphasis on Arabic.

From the information obtained from CENTCOM bucket, seems it focused on millions of Internet posts and majorly from the Middle East and South Asia.

And the next bucket “pacom-archive” structure resembles same as like “CENTCOM-archive” but it consists of posts from Southeast, East Asian and Australia.

UpGuard says collection methods used to build these data stores remains somewhat murky.Massive in scale, it is difficult to state exactly how or why these particular posts were collected over the course of almost a decade.

Vickery says “A simple permission setting makes difference between these buckets to remain safe or exposed online”. You can read complete investigation report at UpGuard.

Some of Very Recent Data Leaked Online

  1. Famous Cosmetic Company “Tarte” leaked 2 Million Customers Personal Data Online
  2. Fashion Retailer FOREVER 21 Admits Payment Card Security Breach
  3. Accenture Data Leak Exposed 137 Gigabytes of Highly Sensitive Data Online
  4.  Deloitte Hacked by Cyber Criminals and Revealed Client & Employee’s Secret Emails
  5. Leading research and advisory firms Forrester was hacked
  6. Disqus confirms it’s been hacked and more than 17.5 Million Users Details Exposed
  7. Gaming Service R6DB Database deleted By Hackers and held for Ransom
  8. Biggest Hack Ever – Each and Every Single Yahoo Account Was Hacked in 2013
  9. Pizza Hut Hacked – Users Reporting Fraudulent Transactions on their Cards
  10. Hyatt Hotels Data Breach Exposed 41 Hotel Customers Payment Card Information
  11. Verizon Wireless Confidential DataLeaked Accidentally by Its Employee
  12. ABC Company Massive Data Leaked online from Amazon S3 Bucket
  13. Pentagon Data Leak Exposed 1.8 Billion of Social Media Surveillance Data

Latest articles

ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents

A rudimentary ransomware targets Turkish businesses through phishing emails with ".ru" domain sender addresses....

BreachForumsV1 Database Leaked: Private messages, Emails & IP Exposed

BreachForumsV1, a notorious online platform for facilitating illegal activities, has reportedly suffered a massive...

250 Million Hamster Kombat Players Targeted Via Android And Windows Malware

Despite having simple gameplay, the new Telegram clicker game Hamster Kombat has become very...

Beware Of Malicious Python Packages That Steal Users Sensitive Data

Malicious Python packages uploaded by "dsfsdfds" to PyPI infiltrated user systems by exfiltrating sensitive...

Chinese Hackers Using Shared Framework To Create Multi-Platform Malware

Shared frameworks are often prone to hackers' abuses as they have been built into...

BlueStacks Emulator For Windows Flaw Exposes Millions Of Gamers To Attack

A significant vulnerability was discovered in BlueStacks, the world's fastest Android emulator and cloud...

Google Chrome 127 Released with a fix for 24 Security Vulnerabilities

Google has unveiled the latest version of its Chrome browser, Chrome 127, which is...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles