Spy Games: How Booz Allen Hamilton Exposed Pentagon Access Keys

UpGuard’s cyber risk analyst Chris Vickery alerted the US National Geospatial-Intelligence Agency (NGA) and defence firm Booz Allen Hamilton (BAH) about a potential data breach via an unsecured Amazon Web Services S3 bucket. A full nine minutes after being informed of the threat, the NGA secured it while BAH responded with a single email almost a day later. The potential breach involved files attached to SSH keys and that could have contained “highly sensitive US military data.”