Enterprise Scale: How Public Storage Buckets Leaked Private Credentials

UpGuard has discovered multiple misconfigured cloud storage buckets belonging to Hortonworks, an enterprise data processing company that merged with Cloudera in January 2019. Though most files found were intended for public access, there were also copious system credentials and internal developer information among the data. After being notified, Cloudera removed public access to the bucket and dealt with the issue. The potential impact of the data exposure is unknown but would extend to multiple sites for production and delivery of software.