Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: Lives at Stake

The unsecured server exposed more than 1.5 million files, including airport worker ID photos and other PII, highlighting the ongoing cloud-security challenges worldwide.

A misconfigured Amazon S3 bucket resulted in 3TB of airport data (more than 1.5 million files) being publicly accessible, open, and without an authentication requirement for access, highlighting the dangers of unsecured cloud infrastructure within the travel sector.
The exposed information, uncovered by Skyhigh Security, includes employee personal identification information (PII) and other sensitive company data affecting at least four airports in Colombia and Peru.
The PII ranged from photos of airline employees and national ID cards — which could present a serious threat if leveraged by terrorist groups or criminal organizations — to information about planes, fuel lines, and GPS map coordinates.
The bucket (now secured) contained information dating back to 2018, the report says, noting Android mobile apps also were contained within buckets, which security personnel tap to help with incident reporting and data handling.
Airport security protects the lives of travelers and airport staff, the report
explains
. As such, this breach is extremely dangerous with potentially devastating consequences should the bucket’s content end up in the wrong hands.
As travel picks up dramatically following restrictions during the pandemic, Fortune Business Insights found that the global
smart airport market
size is set to be driven by the rising preference of the masses for air travel. The report also says that the expansion of commercial aviation is set to affect the market positively in the coming years, as airports increasingly turn to cloud service providers to house and process massive amounts of passenger and operational data.
Perhaps its no wonder that travel-related organizations have been increasingly targeted of late. For instance, airlines have been the target of ransomware this year, including Indias low-cost carrier SpiceJet, which
weathered an attack
in May that caused widespread flight delays.
At the same time, multiple cybercrime groups have been spotted selling stolen credentials and other sensitive PII pilfered from travel-related websites and cloud databases, according to security firm
Intel 471s tracking
.
Cloud Security Still Porous
Back in 2019,
Gartner stated that
90% of organizations that fail to control public cloud use will inappropriately share sensitive data. And that worry continues today: A recent IDC survey of CISOs in the US found that 80% of respondents are not able to identify excessive access to sensitive data in cloud production environments.
Unfortunately, news headlines like these highlight examples of a data breach due to a simple, but harmful misconfiguration: an unsecured, exposed cloud storage service, according to Skyhighs analysis. Complexities around identity management, access permissions, secure configurations, data protection, and so much more, continuously result in poor cloud security hygiene and ultimately, data exposures.
And indeed, there has been no shortage of cloud security incidents recently — with
misconfigurations leading the way
. Cybercrime goals in subverting open databases can go beyond data pilfering, it should be noted, as shown by the
recent discovery
of Denonia, a Go-language-based cryptominer malware. Its designed to exploit AWS Lambda, the serverless function execution service.
Also, vulnerabilities in cloud products and services have become a growing concern for organizations, with a Linux container-escape flaw in Microsofts Azure Service Fabric among the latest vulnerabilities
disclosed
.
The good news? One potential cloud security resource was recently established by security researchers at Wiz in the form of a
community-based database
—
cloudvulndb.org
— which currently lists some 70 cloud security issues and vulnerabilities.
How to Protect Against Cloud Threats
A recent survey of 500 security practitioners and 200 executives, conducted by cloud automation firm Lacework, indicated organizations must
change the way theyre securing cloud infrastructure
and services.
Skyhigh’s report notes increasing read/write privileges are often the go-to for further strengthening cloud security. However, in reality it will take far more than that; thanks to the extensive manners by which cloud storages can be accessed and misused, the report states.
So, other measures that the firm said should be implemented include:
Enable automatic scanning for vulnerable storage across AWS S3 buckets and Azure Blobs.
Use continuous configuration audits for IaaS accounts and services to enforce consistent protection.
Enforce compliance checks against industry best practices to maintain secure postures.
Run data loss prevention and malware scans to detect violations in cloud-storage services and protect sensitive data from being exfiltrated.
Put measures in place to detect insider threats as well as threats from compromised accounts and privileged-access misuse.
And apply automatic remediation to take appropriate action against misconfigurations, vulnerabilities, and exposures.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: Lives at Stake