On 09/02/2017 05:49 PM, grarpamp wrote: > On Sat, Sep 2, 2017 at 7:51 PM, Razer <[email protected]> wrote: >> http://www.zdnet.com/article/thousands-of-sensitive-mercenary-resumes-exposed-after-server-security-lapse/ >> http://gizmodo.com/thousands-of-job-applicants-citing-top-secret-us-govern-1798733354 > These types of "news" are fakeass lookatme shitnews without > useful actionable doc dumps. Of course Top Secret infiltrators happen. > Beware.
They were never hacked (except apparently by the people who reported it) and released.. They were just sitting there for the public if found. OK so maybe it's more formally a Security Breach than a dox but "UpGuard", linked to at the ZDNet article has some details, and screenshots (black-barred details) on-page. It's noted that some of the scumbag Iraqis and Afghani "immigrants" who interpreted the tortured screams of their fellow citizens at some Caci-CIA operated secret torture chamber were in the dox... Hoping they die first. https://www.upguard.com/breaches/cloud-leak-tigerswan > On July 20th, 2017, UpGuard Director of Cyber Risk Research Chris > Vickery discovered an Amazon Web Services S3 data storage bucket > configured for public access, located at the AWS subdomain > “tigerswanresumes.” UpGuard notified TigerSwan of the exposure by > email on July 21st and then followed up by phone and email again on > July 22nd. During the phone engagement on July 22nd, TigerSwan told > Mr. Vickery that they were working with Amazon to secure the data. > Upguard placed a follow-up call to TigerSwan’s IT helpdesk on August > 10 after observing that the resume files remained unsecured. During > that conversation, a TigerSwan representative admitted to being unsure > as to why the bucket remained exposed and vowed to bring it to the IT > director’s attention. The files were not secured until August 24, > 2017. TigerSwan subsequently told UpGuard that the files were left > unsecured by a former recruiting vendor. > > Within the repository, publicly accessible to any internet user > accessing the S3 bucket’s URL, is a folder titled “Resumes,” last > backed up or uploaded in February 2017. Inside this “Resumes” folder > are 9,402 documents, in varying file formats and with no naming > conventions employed for the file names. While this lack of uniformity > perhaps indicates the documents were unchanged since being submitted > by a large pool of applicants, the file names and contents leave no > question as to the nature of the data— resumes and application forms > submitted for positions with TigerSwan.
