Public Relations: How a Marketing & PR Platform Exposed Thousands of Users

A data collection originating from iPR Software was discovered to be publicly accessible, due to a misconfigured Amazon S3 storage bucket. Conducted by cybersecurity firm UpGuard, the discovery revealed details on nearly 500,000 media contacts, business account information and over 35,000 user password hashes. Among the data were documents and credentials for iPR accounts on Google and Twitter, and potentially sensitive company information from clients including Nasdaq, GE and Xerox.