Over 2.3 billion sensitive business data were exposed online in the last 12 months

• This is a 50% increase when compared to the 1.5 billion files exposed during 2017-18.
• The United States exposed the most data, accounting for over 326 million files.

Misconfigured online file storage technologies have exposed more than 2.3 billion corporate files in the last 12 months. This is an increase of 50% when compared to the 1.5 billion files exposed during 2017-18.

What does the report say?

In a report named ‘Too Much Information: The Sequel’, researchers from Digital Shadows have revealed that Server Message Block (SMB) protocol and online file storage technologies were responsible for the leak of over 2.3 billion corporate files last year. The online storage file technologies include NAS devices, FTP & rsync servers, and AWS S3 buckets.

Who are the victims?

The United States exposed the most data, accounting for over 326 million files. It is followed by France and Japan who reported a loss of 151 million and 77 million files respectively. The files exposed by the United Kingdom stood at 83 million.

How did the technologies impact?

Around 20% of the total data exposed was compromised due to misconfigured FTP services, while loss due to rsync servers and AWS S3 buckets accounted for 16% and 8% of the total exposed data respectively.

Data loss due to weak SMB protocol was recorded to be the highest of all. This accounted for 46% of 2.3 billion data exposed.

Citing the increase in the use of SMB, researcher Van Riper said, As businesses continue to digitize older systems and [processes], and more and more Windows systems that have SMB installed get spun up, the more chances there are for these exposures to occur knowingly."

Impact of security lapses

Riper also noted that there are some companies that still have several security lapses. "Some of the data exposure is inexcusable - Microsoft has not supported SMBv1 since 2014, yet many companies still use it. We urge all organizations to regularly audit the configuration of their public facing services," Riper said.

Businesses have been urged to disable SMBv1 and update SMBv2 or v3 for systems to stay safe from cyber attacks. The companies should also opt for IP whitelisting as this enables only authorized systems to access the storage systems.