Tuesday, November 5, 2024
HomeData BreachPentagon's Data Leak Exposed 1.8 Billion of Social Media Surveillance Data

Pentagon’s Data Leak Exposed 1.8 Billion of Social Media Surveillance Data

Published on

Malware protection

Pentagon Data Leak, other three Amazon Web Services S3 cloud storage buckets that contain social media surveillance data configured in the way that users with free AWS account can read and download the contents.

Leaked data consist of billions of public internet posts, news commentary and other writings from individuals from the US and other Countries.

Leaked data in one of the three buckets consist of more than 1.8 billion posts of content that captured around 8 years. It includes data collected from comment sections, web forums, and social media sites like Facebook.
Pentagon Data Leak
Source: UpGuard

Pentagon Data Leak Discovery

UpGuard Director of Cyber Risk Director Chris Vickery discovered these buckets with subdomain “CENTCOM-backup,” “CENTCOM-archive,” and “pacom-archive”, where the CENTCOM refers to the US command center.

- Advertisement - SIEM as a Service

Also with further investigation, they identified a settings table in “CENTCOM-backup” in bucket operated by VendorX who building Outpost for CENTCOM and defense department.

We found a folder, titled “scraped,” contains an enormous amount of XML files consisting of internet content “scraped” from the public internet since 2009 to 2015; the other CENTCOM bucket, “archive,” would be found to contain more such data, collected from 2009 to the present day.Upguard says.
Pentagon Data Leak
Source: UpGuard

Another bucket “CENTCOM-archive” contains the same set of XML file formats as like “CENTCOM-backup”. Posts stored in different languages with an emphasis on Arabic.

From the information obtained from CENTCOM bucket, seems it focused on millions of Internet posts and majorly from the Middle East and South Asia.

And the next bucket “pacom-archive” structure resembles same as like “CENTCOM-archive” but it consists of posts from Southeast, East Asian and Australia.

UpGuard says collection methods used to build these data stores remains somewhat murky.Massive in scale, it is difficult to state exactly how or why these particular posts were collected over the course of almost a decade.

Vickery says “A simple permission setting makes difference between these buckets to remain safe or exposed online”. You can read complete investigation report at UpGuard.

Some of Very Recent Data Leaked Online

  1. Famous Cosmetic Company “Tarte” leaked 2 Million Customers Personal Data Online
  2. Fashion Retailer FOREVER 21 Admits Payment Card Security Breach
  3. Accenture Data Leak Exposed 137 Gigabytes of Highly Sensitive Data Online
  4.  Deloitte Hacked by Cyber Criminals and Revealed Client & Employee’s Secret Emails
  5. Leading research and advisory firms Forrester was hacked
  6. Disqus confirms it’s been hacked and more than 17.5 Million Users Details Exposed
  7. Gaming Service R6DB Database deleted By Hackers and held for Ransom
  8. Biggest Hack Ever – Each and Every Single Yahoo Account Was Hacked in 2013
  9. Pizza Hut Hacked – Users Reporting Fraudulent Transactions on their Cards
  10. Hyatt Hotels Data Breach Exposed 41 Hotel Customers Payment Card Information
  11. Verizon Wireless Confidential DataLeaked Accidentally by Its Employee
  12. ABC Company Massive Data Leaked online from Amazon S3 Bucket
  13. Pentagon Data Leak Exposed 1.8 Billion of Social Media Surveillance Data
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actor IntelBroker Claims Leak of Nokia’s Source Code

The threat actor known as IntelBroker, in collaboration with EnergyWeaponUser, has claimed responsibility for...

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals...

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Threat Actor IntelBroker Claims Leak of Nokia’s Source Code

The threat actor known as IntelBroker, in collaboration with EnergyWeaponUser, has claimed responsibility for...

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected

Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting...