├── .github
│   └── ISSUE_TEMPLATE
│       └── new-s3-leak.md
├── .gitignore
├── CONTRIBUTING.md
├── Dockerfile
├── LICENSE
├── Makefile
├── README.md
├── docs
│   ├── App.js
│   └── index.html
├── main.go
└── yas3bl.json

/.github/ISSUE_TEMPLATE/new-s3-leak.md:
--------------------------------------------------------------------------------
---
name: New S3 Leak
about: Report a new S3 leak

---

**Organization Affected**:

**Count of records exposed**:

**Data Exposed**:

**URL to the article/disclosure**:

--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
.c9
# Binaries for programs and plugins
*.exe
*.dll
*.so
*.dylib

# Test binary, build with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
.glide/
.DS_Store
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# Runtime data
pids
*.pid
*.seed
*.pid.lock

# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov

# Coverage directory used by tools like istanbul
coverage

# nyc test coverage
.nyc_output

# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt

# Bower dependency directory (https://bower.io/)
bower_components

# node-waf configuration
.lock-wscript

# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release

# Dependency directories
node_modules/
jspm_packages/

# Typescript v1 declaration files
typings/

# Optional npm cache directory
.npm

# Optional eslint cache
.eslintcache

# Optional REPL history
.node_repl_history

# Output of 'npm pack'
*.tgz

# Yarn Integrity file
.yarn-integrity

# dotenv environment variables file
.env

# next.js build output
.next

--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# CONTRIBUTING

First, thank you for your interest in contributing to this project. I try to stay abreast of news that breaks regarding bucket leaks, but I could easily miss one or two.

Contributing to this project is relatively simple.

## Overview

1. Fork and clone the repository.
1. Add the information in [`yas3bl.json`](yas3bl.json).
1. Generate the [README.md](README.md).

And you're done!

## Details

### Prerequisites

You must have **ONE** of the following two options installed locally on your machine:
- Docker
- Go

Alternatively, if you have a [c9.io](https://c9.io) account, you can spin up a generic workspace (it is provisioned with Go out-of-the-box 😍 )

### Steps

1. Fork then clone the repo: `git clone https://github.com//YAS3BL && cd YAS3BL`
1. Add a new entry in `yas3bl.json`. Required JSON properties:
    ```json
    {
      "count": "",
      "data": "",
      "organization": "",
      "url": ""
    }
    ```
    - Note: The `url` should be that of the original security researchers that disclosed this leak. I'd rather not rely on secondary news sources that report on this leak.
1. Generate the markup using **ONE** of the two options below:
    - If you have Go installed locally or if you're on c9.io: `make` or `make readme`
    - If you have Docker installed locally: `make docker`
1. Push & open PR 👍

--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
# YAS3BL
# To populate data from yas3bl.json and generate README.md dynamically:
# docker run --rm -it -v $(pwd):/go/src/github.com/petermbenjamin/yas3bl yas3bl
FROM golang:latest
LABEL maintainer="Peter Benjamin "
# Run from the directory the repository is mounted into (see the docker run line above).
WORKDIR /go/src/github.com/petermbenjamin/yas3bl
# Exec form needs one array element per argument; a single "go run main.go" string is looked up as a binary name.
ENTRYPOINT [ "go", "run", "main.go" ]

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2017 Peter Benjamin

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
.PHONY: readme html docker

readme:
	go run main.go

html: readme
	open docs/index.html

docker:
	docker run --rm -it -v $(shell pwd):/go/src/github.com/petermbenjamin/yas3bl -w /go/src/github.com/petermbenjamin/yas3bl golang:latest make

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# YAS3BL (Yet Another S3 Bucket Leak)

> 🔓 Enumerating all the AWS S3 bucket leaks that have been discovered to date.

| Company | Link | Records Exposed | Data |
| ------- | ---- | --------------- | ---- |
| 211 LA County | [🔗](https://www.upguard.com/breaches/la-county-211-hotline) | 3.2 million | Files include access credentials for 211 system operators, email addresses for contacts and registered resources of LA County 211, and detailed call notes, including full names, phone numbers, addresses, and even 33,000 instances of full Social Security numbers. |
| Accenture | [🔗](https://www.upguard.com/breaches/cloud-leak-accenture) | 137+ GB | 4 S3 buckets exposing secret API data, authentication credentials, 40,000 plaintext passwords, credentials for GCP and Azure accounts, SSL certificates, private decryption keys, production VPN keys for internal/private networks, database dumps, user IP addresses, JSESSION IDs. |
| AgentRun | [🔗](https://www.zdnet.com/article/insurance-startup-leaks-sensitive-customer-health-data/) | | Names, addresses, dates of birth, phone numbers, income ranges, social security numbers (SSNs), driver licenses, armed forces and voter identification cards, bank checks, insurance policy documents, health and medical information (e.g. prescriptions and dosages), and some financial data. Insurance companies found in the data included Cigna, TransAmerica, SafeCo, Schneider Insurance, Manhattan Life, Everest - to name a few. |
| Alliance Direct Lending Corporation | [🔗](https://threatpost.com/auto-lender-exposes-loan-data-for-up-to-1-million-applicants/125216/) | 1 million | Names, addresses, credit scores and partial Social Security numbers |
| Alteryx | [🔗](https://www.upguard.com/breaches/cloud-leak-alteryx) | 123 million | Data sets belonging to Experian and US Census Bureau, containing personal details of 198 million American voters and 123 million American household PII data such as home addresses, contact information, mortgage ownership, financial histories, and purchasing behaviors. |
| Australian Broadcasting Company | [🔗](https://mackeepersecurity.com/post/australian-broadcasting-corporation-exposed-sensitive-data-online) | 50,000 | Personal data of Australian employees of several government agencies, banks, and a utility company, including full names, passwords, IDs, phone numbers, email addresses, credit card numbers, salaries and expenses. |
| Booz Allen Hamilton | [🔗](https://www.upguard.com/breaches/spy-games) | Undisclosed | Top Secret data from DoD, Pentagon, and National Geospatial Intelligence Agency (NGA), SSH keys, credentials granting access to data center Operating System |
| DeepRoot Analytics | [🔗](https://www.upguard.com/breaches/the-rnc-files) | 200 million | 1.1 Terabytes worth of data on registered voters |
| Department of Defense | [🔗](https://www.upguard.com/breaches/cloud-leak-centcom) | 1.8 billion | Three (3) S3 buckets containing 1.8 billion posts of scraped internet content over the last 8 years. |
| Dow Jones | [🔗](https://www.upguard.com/breaches/cloud-leak-dow-jones) | 2.2 - 4 million | Names, addresses, account information, email addresses, and last four digits of credit card numbers of millions of subscribers to Dow Jones publications |
| ES&S | [🔗](https://www.upguard.com/breaches/cloud-leak-chicago-voters) | 1.8 million | Chicago voter names, addresses, date-of-births, partial SSNs, Driver Licenses, and state ID numbers |
| Fedex | [🔗](https://mackeepersecurity.com/post/fedex-customer-records-exposed) | 119,000 | Scanned documents of US and international citizens, such as passports, driver licenses, security IDs, home addresses, phone numbers, zip codes |
| Groupize | [🔗](https://mackeepersecurity.com/post/online-hotel-booking-service-allegedly-exposed-sensitive-data) | 38,000 | Credit Card numbers, expiration dates, CVV codes |
| Honda | [🔗](https://mackeepersecurity.com/post/honda-leaked-personal-information-from-its-honda-connect-app/) | 50,000 | Names, phone numbers and email addresses for users and their trusted contacts, passwords, gender, information about their cars including VIN, Connect IDs. |
| MBM Company Inc. | [🔗](https://mackeepersecurity.com/post/walmart-jewelry-partner-exposed-millions-customer-details) | 1.3 million | Names, addresses, zip codes, phone numbers, email addresses, ip addresses, plaintext passwords |
| Mexico's Electoral Authority (INE) | [🔗](http://splinternews.com/a-massive-data-breach-exposed-personal-info-for-93-4-mi-1793856429) | 93.4 million | Mexican voter registration data |
| National Credit Federation | [🔗](https://www.upguard.com/breaches/credit-crunch-national-credit-federation) | 111 GB | Internal personal and financial data of tens of thousands of customers. |
| NSA | [🔗](https://www.upguard.com/breaches/cloud-leak-inscom) | 47 files | Highly sensitive INSCOM data. Some data was 'NOFORN' classified, indicating high sensitivity that cannot be shared with foreign allies |
| Octoly | [🔗](https://www.upguard.com/breaches/cloud-leak-octoly) | 12,000 | A database backup, called `octoly_production.sql`, exposed real names, addresses, phone numbers, email addresses, birth dates of thousands of influential online personalities (Instagram, Twitter, and YouTube personalities), like Dior, Lancome, and Blizzard Entertainment |
| Patient Home Monitoring | [🔗](https://mackeepersecurity.com/post/patient-home-monitoring-service-leaks-private-medical-data-online) | 316,363 | 47.5 GB PDF medical records containing weekly blood test results, patient names, addresses, and phone numbers. Development server backups. Doctor's names, case management notes, and additional client information. |
| SVR Tracking | [🔗](https://mackeepersecurity.com/post/auto-tracking-company-leaks-hundreds-of-thousands-of-records-online) | 540,642 | Tracking unit information including usernames, passwords, emails, Vehicle Identification Numbers, license plate numbers, IMEI numbers of GPS devices, specific location where the tracking units were hidden, information on customers and 427 dealerships, 116 GB of hourly backups, 8.5 GB of daily backups from 2017, and 339 log documents |
| TigerSwan | [🔗](https://www.upguard.com/breaches/cloud-leak-tigerswan) | 9,402 | Resumes of Top Secret US military veterans names, addresses, phones, emails, Driver License numbers, passport numbers, partial SSNs |
| Time Warner/BroadSoft | [🔗](https://mackeepersecurity.com/post/global-communication-software-left-massive-amount-of-data-online) | 4 million | 600 GB worth of data including usernames, email addresses, MAC addresses, device serial numbers, and financial transaction information |
| Verizon | [🔗](https://www.upguard.com/breaches/verizon-cloud-leak) | 14 million | Verizon customer names, addresses, account details, and Personal Identification Numbers (PIN) |
| Verizon | [🔗](https://mackeepersecurity.com/post/verizon-wireless-employee-exposed-confidential-data-online) | 100 MB | Data from internal Verizon Wireless system (DVS), 129 Outlook messages, logs, server names & info, admin usernames & passwords |
| Viacom | [🔗](https://www.theregister.co.uk/2017/09/19/viacom_exposure_in_aws3_bucket_blunder/) | 72 files | Encrypted compressed archives containing backup of company's IT infrastructure and private GPG keys used to encrypt the compressed archives |
| WWE | [🔗](https://threatpost.com/leaky-wwe-database-exposes-personal-data-of-3m-wrestling-fans/126710/) | 3,065,805 | Fans names, physical addresses, email addresses, earnings, ethnicity, children’s age ranges, birthdates and additional personally identifiable information |

--------------------------------------------------------------------------------
/docs/App.js:
--------------------------------------------------------------------------------
/* global fetch, semanticUIReact, ReactDOM, React */
const { Header, Container, Segment, Table, Dropdown } = semanticUIReact

const YAS3BL =
  'https://raw.githubusercontent.com/petermbenjamin/YAS3BL/master/yas3bl.json'
class App extends React.Component {
  state = { leaks: [] }

  componentDidMount() {
    fetch(YAS3BL)
      .then(response => response.json())
      .then(data => {
        data.sort((a, b) => a.organization.localeCompare(b.organization))
        this.setState({ leaks: data })
      })
      .catch(err => console.error(err))
  }

  render() {
    const { leaks } = this.state
    return (
Yet Another S3 Bucket Leak
26 |
27 |
28 | 29 | 30 | 31 | Organization 32 | Count (Records Exposed) 33 | Data Exposed 34 | 35 | 36 | 37 | {leaks.map((l, i) => ( 38 | 39 | 40 | {l.organization} 41 | 42 | {l.count} 43 | {l.data} 44 | 45 | ))} 46 | 47 |
48 |
49 | ) 50 | } 51 | } 52 | 53 | const root = document.getElementById('root') 54 | const elem = 55 | ReactDOM.render(elem, root) 56 | -------------------------------------------------------------------------------- /docs/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | YAS3BL 8 | 9 | 10 | 19 | 20 |
| Organization | Count | Data |
| ------------ | ----- | ---- |
| 211 LA County | 3.2 million | Files include access credentials for 211 system operators, email addresses for contacts and registered resources of LA County 211, and detailed call notes, including full names, phone numbers, addresses, and even 33,000 instances of full Social Security numbers. |
| Accenture | 137+ GB | 4 S3 buckets exposing secret API data, authentication credentials, 40,000 plaintext passwords, credentials for GCP and Azure accounts, SSL certificates, private decryption keys, production VPN keys for internal/private networks, database dumps, user IP addresses, JSESSION IDs. |
| AgentRun | | Names, addresses, dates of birth, phone numbers, income ranges, social security numbers (SSNs), driver licenses, armed forces and voter identification cards, bank checks, insurance policy documents, health and medical information (e.g. prescriptions and dosages), and some financial data. Insurance companies found in the data included Cigna, TransAmerica, SafeCo, Schneider Insurance, Manhattan Life, Everest - to name a few. |
| Alliance Direct Lending Corporation | 1 million | Names, addresses, credit scores and partial Social Security numbers |
| Alteryx | 123 million | Data sets belonging to Experian and US Census Bureau, containing personal details of 198 million American voters and 123 million American household PII data such as home addresses, contact information, mortgage ownership, financial histories, and purchasing behaviors. |
| Australian Broadcasting Company | 50,000 | Personal data of Australian employees of several government agencies, banks, and a utility company, including full names, passwords, IDs, phone numbers, email addresses, credit card numbers, salaries and expenses. |
| Booz Allen Hamilton | Undisclosed | Top Secret data from DoD, Pentagon, and National Geospatial Intelligence Agency (NGA), SSH keys, credentials granting access to data center Operating System |
| DeepRoot Analytics | 200 million | 1.1 Terabytes worth of data on registered voters |
| Department of Defense | 1.8 billion | Three (3) S3 buckets containing 1.8 billion posts of scraped internet content over the last 8 years. |
| Dow Jones | 2.2 - 4 million | Names, addresses, account information, email addresses, and last four digits of credit card numbers of millions of subscribers to Dow Jones publications |
| ES&S | 1.8 million | Chicago voter names, addresses, date-of-births, partial SSNs, Driver Licenses, and state ID numbers |
| Fedex | 119,000 | Scanned documents of US and international citizens, such as passports, driver licenses, security IDs, home addresses, phone numbers, zip codes |
| Groupize | 38,000 | Credit Card numbers, expiration dates, CVV codes |
| Honda | 50,000 | Names, phone numbers and email addresses for users and their trusted contacts, passwords, gender, information about their cars including VIN, Connect IDs. |
| MBM Company Inc. | 1.3 million | Names, addresses, zip codes, phone numbers, email addresses, ip addresses, plaintext passwords |
| Mexico's Electoral Authority (INE) | 93.4 million | Mexican voter registration data |
| National Credit Federation | 111 GB | Internal personal and financial data of tens of thousands of customers. |
| NSA | 47 files | Highly sensitive INSCOM data. Some data was 'NOFORN' classified, indicating high sensitivity that cannot be shared with foreign allies |
| Octoly | 12,000 | A database backup, called `octoly_production.sql`, exposed real names, addresses, phone numbers, email addresses, birth dates of thousands of influential online personalities (Instagram, Twitter, and YouTube personalities), like Dior, Lancome, and Blizzard Entertainment |
| Patient Home Monitoring | 316,363 | 47.5 GB PDF medical records containing weekly blood test results, patient names, addresses, and phone numbers. Development server backups. Doctor's names, case management notes, and additional client information. |
| SVR Tracking | 540,642 | Tracking unit information including usernames, passwords, emails, Vehicle Identification Numbers, license plate numbers, IMEI numbers of GPS devices, specific location where the tracking units were hidden, information on customers and 427 dealerships, 116 GB of hourly backups, 8.5 GB of daily backups from 2017, and 339 log documents |
| TigerSwan | 9,402 | Resumes of Top Secret US military veterans names, addresses, phones, emails, Driver License numbers, passport numbers, partial SSNs |
| Time Warner/BroadSoft | 4 million | 600 GB worth of data including usernames, email addresses, MAC addresses, device serial numbers, and financial transaction information |
| Verizon | 14 million | Verizon customer names, addresses, account details, and Personal Identification Numbers (PIN) |
| Verizon | 100 MB | Data from internal Verizon Wireless system (DVS), 129 Outlook messages, logs, server names & info, admin usernames & passwords |
| Viacom | 72 files | Encrypted compressed archives containing backup of company's IT infrastructure and private GPG keys used to encrypt the compressed archives |
| WWE | 3,065,805 | Fans names, physical addresses, email addresses, earnings, ethnicity, children’s age ranges, birthdates and additional personally identifiable information |
--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
package main

import (
	"bufio"
	"encoding/json"
	"html/template"
	"io/ioutil"
	"log"
	"os"
	"sort"
	"strings"
)

// Leak struct represents one bucket leak entry in the yas3bl.json file
type Leak struct {
	Count        string `json:"count"`
	Data         string `json:"data"`
	Organization string `json:"organization"`
	URL          string `json:"url"`
}

const tmpl = `# YAS3BL (Yet Another S3 Bucket Leak)

> 🔓 Enumerating all the AWS S3 bucket leaks that have been discovered to date.

| Company | Link | Records Exposed | Data |
| ------- | ---- | --------------- | ---- |
{{range .}}|

{{.Organization}}

| [🔗]({{.URL}}) | {{.Count}} | {{.Data}} | 29 | {{end}} 30 | ` 31 | 32 | const htmlTmpl = ` 33 | 34 | 35 | 36 | 37 | 38 | YAS3BL 39 | 40 | 41 | 50 | 51 |
52 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | {{range .}} 65 | 66 | 67 | 68 | 69 | {{end}} 70 | 71 |
OrganizationCountData
{{.Organization}}{{.Count}}{{.Data}}
72 |
`

func main() {
	// Load the leak entries that contributors maintain by hand.
	jsonBytes, err := ioutil.ReadFile("yas3bl.json")
	if err != nil {
		log.Fatalf("could not read file: %+v\n", err)
	}

	var bucketsLeaked []Leak
	err = json.Unmarshal(jsonBytes, &bucketsLeaked)
	if err != nil {
		log.Fatalf("could not unmarshal JSON: %+v\n", err)
	}

	// Sort case-insensitively by organization name.
	sort.Slice(bucketsLeaked, func(i, j int) bool {
		return strings.ToUpper(bucketsLeaked[i].Organization) < strings.ToUpper(bucketsLeaked[j].Organization)
	})

	f, err := os.Create("README.md")
	if err != nil {
		log.Fatalf("could not create README.md file: %+v\n", err)
	}
	defer f.Close()

	w := bufio.NewWriter(f)
	t := template.Must(template.New("tmpl").Parse(tmpl))
	err = t.Execute(w, bucketsLeaked)
	if err != nil {
		log.Fatalf("could not merge data from JSON into README.md: %+v\n", err)
	}
	// Flush can fail; check it so a truncated README.md is not treated as success.
	if err = w.Flush(); err != nil {
		log.Fatalf("could not write README.md: %+v\n", err)
	}

	hf, err := os.Create("docs/index.html")
	if err != nil {
		log.Fatalf("could not create index.html file: %+v\n", err)
	}
	defer hf.Close()

	hw := bufio.NewWriter(hf)
	ht := template.Must(template.New("tmpl").Parse(htmlTmpl))
	err = ht.Execute(hw, bucketsLeaked)
	if err != nil {
		log.Fatalf("could not merge data from JSON into index.html: %+v\n", err)
	}
	// Same check for the HTML output.
	if err = hw.Flush(); err != nil {
		log.Fatalf("could not write index.html: %+v\n", err)
	}
}

--------------------------------------------------------------------------------
/yas3bl.json:
--------------------------------------------------------------------------------
[
  {
    "count": "24,000+",
    "data": "A 17MB Excel file containing Data Legend, GDDY Machine Raw Data, Summary, Compute, Storage, Instance Mapping, Spot, Price List sheets",
    "organization": "GoDaddy",
    "url": "https://www.upguard.com/breaches/public-domain-how-configuration-information-for-the-worlds-largest-domain-name-registrar-was-exposed-online"
  },
  {
    "count": "2,594",
    "data": "Full name, suffix, prefix, phone numbers (cell and landlines), address with house, street, city, state, zip, precinct, political affiliation provided by state, or inferred based on voting trends/history, age and birth year, gender, jurisdiction breakdown based on district, zip code, precinct, county, state, demographics based on ethnicity, language, education",
    "organization": "RoboCent",
    "url": "https://www.linkedin.com/pulse/hundreds-thousands-us-voter-data-appeared-online-again-bob-diachenko/?published=t"
  },
  {
    "count": "1.3 million",
    "data": "Names, addresses, zip codes, phone numbers, email addresses, ip addresses, plaintext passwords",
    "organization": "MBM Company Inc.",
    "url": "https://mackeepersecurity.com/post/walmart-jewelry-partner-exposed-millions-customer-details"
  },
  {
    "count": "3.2 million",
    "data": "Files include access credentials for 211 system operators, email addresses for contacts and registered resources of LA County 211, and detailed call notes, including full names, phone numbers, addresses, and even 33,000 instances of full Social Security numbers.",
    "organization": "211 LA County",
    "url": "https://www.upguard.com/breaches/la-county-211-hotline"
  },
  {
    "count": "",
    "data": "Names, addresses, dates of birth, phone numbers, income ranges, social security numbers (SSNs), driver licenses, armed forces and voter identification cards, bank checks, insurance policy documents, health and medical information (e.g. prescriptions and dosages), and some financial data. Insurance companies found in the data included Cigna, TransAmerica, SafeCo, Schneider Insurance, Manhattan Life, Everest - to name a few.",
    "organization": "AgentRun",
    "url": "https://www.zdnet.com/article/insurance-startup-leaks-sensitive-customer-health-data/"
  },
  {
    "count": "50,000",
    "data": "Names, phone numbers and email addresses for users and their trusted contacts, passwords, gender, information about their cars including VIN, Connect IDs.",
    "organization": "Honda",
    "url": "https://mackeepersecurity.com/post/honda-leaked-personal-information-from-its-honda-connect-app/"
  },
  {
    "count": "119,000",
    "data": "Scanned documents of US and international citizens, such as passports, driver licenses, security IDs, home addresses, phone numbers, zip codes",
    "organization": "Fedex",
    "url": "https://mackeepersecurity.com/post/fedex-customer-records-exposed"
  },
  {
    "count": "12,000",
    "data": "A database backup, called `octoly_production.sql`, exposed real names, addresses, phone numbers, email addresses, birth dates of thousands of influential online personalities (Instagram, Twitter, and YouTube personalities), like Dior, Lancome, and Blizzard Entertainment",
    "organization": "Octoly",
    "url": "https://www.upguard.com/breaches/cloud-leak-octoly"
  },
  {
    "count": "123 million",
    "data": "Data sets belonging to Experian and US Census Bureau, containing personal details of 198 million American voters and 123 million American household PII data such as home addresses, contact information, mortgage ownership, financial histories, and purchasing behaviors.",
    "organization": "Alteryx",
    "url": "https://www.upguard.com/breaches/cloud-leak-alteryx"
  },
  {
    "count": "111 GB",
    "data": "Internal personal and financial data of tens of thousands of customers.",
    "organization": "National Credit Federation",
    "url": "https://www.upguard.com/breaches/credit-crunch-national-credit-federation"
  },
  {
    "count": "47 files",
    "data": "Highly sensitive INSCOM data. Some data was 'NOFORN' classified, indicating high sensitivity that cannot be shared with foreign allies",
    "organization": "NSA",
    "url": "https://www.upguard.com/breaches/cloud-leak-inscom"
  },
  {
    "count": "1.8 billion",
    "data": "Three (3) S3 buckets containing 1.8 billion posts of scraped internet content over the last 8 years.",
    "organization": "Department of Defense",
    "url": "https://www.upguard.com/breaches/cloud-leak-centcom"
  },
  {
    "count": "1 million",
    "data": "Names, addresses, credit scores and partial Social Security numbers",
    "organization": "Alliance Direct Lending Corporation",
    "url": "https://threatpost.com/auto-lender-exposes-loan-data-for-up-to-1-million-applicants/125216/"
  },
  {
    "count": "200 million",
    "data": "1.1 Terabytes worth of data on registered voters",
    "organization": "DeepRoot Analytics",
    "url": "https://www.upguard.com/breaches/the-rnc-files"
  },
  {
    "count": "2.2 - 4 million",
    "data": "Names, addresses, account information, email addresses, and last four digits of credit card numbers of millions of subscribers to Dow Jones publications",
    "organization": "Dow Jones",
    "url": "https://www.upguard.com/breaches/cloud-leak-dow-jones"
  },
  {
    "count": "1.8 million",
    "data": "Chicago voter names, addresses, date-of-births, partial SSNs, Driver Licenses, and state ID numbers",
    "organization": "ES&S",
    "url": "https://www.upguard.com/breaches/cloud-leak-chicago-voters"
  },
  {
    "count": "38,000",
    "data": "Credit Card numbers, expiration dates, CVV codes",
    "organization": "Groupize",
    "url": "https://mackeepersecurity.com/post/online-hotel-booking-service-allegedly-exposed-sensitive-data"
  },
  {
    "count": "Undisclosed",
    "data": "Top Secret data from DoD, Pentagon, and National Geospatial Intelligence Agency (NGA), SSH keys, credentials granting access to data center Operating System",
    "organization": "Booz Allen Hamilton",
    "url": "https://www.upguard.com/breaches/spy-games"
  },
  {
    "count": "93.4 million",
    "data": "Mexican voter registration data",
    "organization": "Mexico's Electoral Authority (INE)",
    "url": "http://splinternews.com/a-massive-data-breach-exposed-personal-info-for-93-4-mi-1793856429"
  },
  {
    "count": "540,642",
    "data": "Tracking unit information including usernames, passwords, emails, Vehicle Identification Numbers, license plate numbers, IMEI numbers of GPS devices, specific location where the tracking units were hidden, information on customers and 427 dealerships, 116 GB of hourly backups, 8.5 GB of daily backups from 2017, and 339 log documents",
    "organization": "SVR Tracking",
    "url": "https://mackeepersecurity.com/post/auto-tracking-company-leaks-hundreds-of-thousands-of-records-online"
  },
  {
    "count": "9,402",
    "data": "Resumes of Top Secret US military veterans names, addresses, phones, emails, Driver License numbers, passport numbers, partial SSNs",
    "organization": "TigerSwan",
    "url": "https://www.upguard.com/breaches/cloud-leak-tigerswan"
  },
  {
    "count": "4 million",
    "data": "600 GB worth of data including usernames, email addresses, MAC addresses, device serial numbers, and financial transaction information",
    "organization": "Time Warner/BroadSoft",
    "url": "https://mackeepersecurity.com/post/global-communication-software-left-massive-amount-of-data-online"
  },
  {
    "count": "100 MB",
    "data": "Data from internal Verizon Wireless system (DVS), 129 Outlook messages, logs, server names & info, admin usernames & passwords",
    "organization": "Verizon",
    "url": "https://mackeepersecurity.com/post/verizon-wireless-employee-exposed-confidential-data-online"
  },
  {
    "count": "14 million",
    "data": "Verizon customer names, addresses, account details, and Personal Identification Numbers (PIN)",
    "organization": "Verizon",
    "url": "https://www.upguard.com/breaches/verizon-cloud-leak"
  },
  {
    "count": "72 files",
    "data": "Encrypted compressed archives containing backup of company's IT infrastructure and private GPG keys used to encrypt the compressed archives",
    "organization": "Viacom",
    "url": "https://www.theregister.co.uk/2017/09/19/viacom_exposure_in_aws3_bucket_blunder/"
  },
  {
    "count": "3,065,805",
    "data": "Fans names, physical addresses, email addresses, earnings, ethnicity, children\u2019s age ranges, birthdates and additional personally identifiable information",
    "organization": "WWE",
    "url": "https://threatpost.com/leaky-wwe-database-exposes-personal-data-of-3m-wrestling-fans/126710/"
  },
  {
    "count": "137+ GB",
    "data": "4 S3 buckets exposing secret API data, authentication credentials, 40,000 plaintext passwords, credentials for GCP and Azure accounts, SSL certificates, private decryption keys, production VPN keys for internal/private networks, database dumps, user IP addresses, JSESSION IDs.",
    "organization": "Accenture",
    "url": "https://www.upguard.com/breaches/cloud-leak-accenture"
  },
  {
    "count": "316,363",
    "data": "47.5 GB PDF medical records containing weekly blood test results, patient names, addresses, and phone numbers. Development server backups. Doctor's names, case management notes, and additional client information.",
    "organization": "Patient Home Monitoring",
    "url": "https://mackeepersecurity.com/post/patient-home-monitoring-service-leaks-private-medical-data-online"
  },
  {
    "count": "50,000",
    "data": "Personal data of Australian employees of several government agencies, banks, and a utility company, including full names, passwords, IDs, phone numbers, email addresses, credit card numbers, salaries and expenses.",
    "organization": "Australian Broadcasting Company",
    "url": "https://mackeepersecurity.com/post/australian-broadcasting-corporation-exposed-sensitive-data-online"
  }
]

--------------------------------------------------------------------------------
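Added example, not part of the YAS3BL repository: entries in yas3bl.json arrive through pull requests and main.go writes each field straight into a Markdown table row, so a pre-render check can reject entries that would break the table or link somewhere other than an http(s) disclosure page. The names `checkEntry`, `ValidateLeaks` and `sampleJSON` are assumptions made for this sketch, and the sample entries are constructed.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

// Leak mirrors the struct in main.go and the four properties CONTRIBUTING.md lists.
type Leak struct {
	Count        string `json:"count"`
	Data         string `json:"data"`
	Organization string `json:"organization"`
	URL          string `json:"url"`
}

// sampleJSON is constructed input for this example, not data from yas3bl.json.
const sampleJSON = `[
  {"count": "1,000", "data": "Names and email addresses", "organization": "Example Org", "url": "https://example.com/disclosure"},
  {"count": "", "data": "Names", "organization": "Example Two", "url": "example.com/post"},
  {"count": "5 | 6", "data": "Names", "organization": "", "url": "https://example.com/report"}
]`

// checkEntry (hypothetical helper) lists what would make one entry render badly.
func checkEntry(l Leak) []string {
	var problems []string
	// count may be empty: the existing AgentRun entry has "count": "".
	if strings.TrimSpace(l.Organization) == "" {
		problems = append(problems, "organization is empty")
	}
	if strings.TrimSpace(l.Data) == "" {
		problems = append(problems, "data is empty")
	}
	u, err := url.Parse(l.URL)
	if err != nil || u.Host == "" || (u.Scheme != "http" && u.Scheme != "https") {
		problems = append(problems, "url is not an absolute http(s) link")
	} else if strings.ContainsAny(l.URL, " \t)") {
		problems = append(problems, "url contains whitespace or ')', which ends the Markdown link early")
	}
	// Every field becomes one cell of a single-line table row.
	fields := []struct{ name, value string }{
		{"count", l.Count}, {"data", l.Data}, {"organization", l.Organization}, {"url", l.URL},
	}
	for _, f := range fields {
		if strings.ContainsAny(f.value, "|\r\n") {
			problems = append(problems, f.name+" contains '|' or a line break, which splits the table row")
		}
	}
	return problems
}

// ValidateLeaks decodes the file strictly and returns every problem found.
func ValidateLeaks(jsonBytes []byte) ([]Leak, []string, error) {
	dec := json.NewDecoder(bytes.NewReader(jsonBytes))
	dec.DisallowUnknownFields() // a misspelled key fails here instead of becoming an empty cell
	var leaks []Leak
	if err := dec.Decode(&leaks); err != nil {
		return nil, nil, fmt.Errorf("could not decode JSON: %w", err)
	}
	var problems []string
	for i, l := range leaks {
		for _, p := range checkEntry(l) {
			problems = append(problems, fmt.Sprintf("entry %d (%q): %s", i, l.Organization, p))
		}
	}
	return leaks, problems, nil
}

func main() {
	_, problems, err := ValidateLeaks([]byte(sampleJSON))
	if err != nil {
		fmt.Println(err)
		return
	}
	for _, p := range problems {
		fmt.Println(p)
	}
}
```

Run against the real yas3bl.json before `make readme`, a non-empty problem list is a reason to stop and fix the entry rather than regenerate README.md.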