A massive trove of sensitive corporate and customer data was left freely exposed to the public by Accenture, one of the world’s biggest management firms. The tech giant left at least four cloud storage servers, which contained highly sensitive decryption keys and passwords, exposed to the public, without any password protections. The exposed servers, which were hosted on Amazon S3 storage services, contained hundreds of GB of sensitive data, including secret API data, authentication credentials, certificates, decryption keys, customer information, and more.
The data left exposed included Accenture’s Google and Azure accounts, VPN keys, nearly 40,000 plaintext passwords and more. One of the largest exposed servers contained over 137 GB of data, some of which included massive databases of credentials directly related to Accenture’s clients.
— source ibtimes.co.uk 2017-10-14