Cloud
[SC] Supply Chain
State Governments of U.S. Third-Party Breach (January 2020)
Primary Source ↗Incident Details
Data Leak Exposes 750K Birth Certificate Applications. AWS misconfiguration leaves storage bucket wide open. Over 750,000 applications for US birth certificates have been found exposed online thanks to a misconfigured cloud server.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Not disclosed
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2020-01-01 Breach occurred
- 2019-12-10 Publicly disclosed