A misconfigured Amazon S3 bucket belonging to Civicom was responsible for exposing thousands of audio and video recordings of the company’s clients.
A New York City-based company known for providing audio, web conferencing, and market research services was found exposing a trove of personal and sensitive data to its clients.
The company in discussion is Civicom, Inc., who, according to its LinkedIn page, claims to provide “the best audio and web conferencing services on the planet, webinar services, global marketing research services, leading transcription/CRM entry service, general transcription service, online jury trials, and more.”
It is worth noting that Civicom is home to hundreds of employees with offices all over the United States, the Philippines, and the United Kingdom. This also indicates the company’s strong customer base and the devastating consequences of such large-scale exposure of data to the public.
What’s worse is that the S3 bucket was left exposed without any password or security authentication meaning anyone with knowledge of how to find misconfigured databases could have accessed the data.
According to the Website Planet Security Team, who originally identified the database, Civicom exposed 8 terabytes of records containing more than 100,000 files, thanks to one of its misconfigured Amazon S3 buckets.
However, due to the humongous size of the database, it was physically impossible for researchers to scan each file. Nevertheless, their analysis revealed that the exposed records included thousands of hours of audio and video recordings containing private conversations as well as written transcripts belonging to the company’s clients.
Additionally, personally identifiable information (PII) such as employees’ full names and photos were also exposed in the incident.
Users of Civicom’s “Glide Central” software are the primarily affected clients. We know this because the content of the server fits with the Audio and Video management software’s features, such as the Clip Key Points feature.Website Planet Security Team
Civicom took months to secure the database
In its blog post, the Website Planet Security Team revealed that the AWS S3 bucket was online since 2018. The researchers identified the exposure on October 28th, 2021, and informed Civicom about the incident on October 30th, 2021.
However, after three months, on January 26th, 2022, Civicom responded to Website Planet and secured the bucket. Nevertheless, the good news is that the bucket is not available publically.
Impact on the company and clients
It is yet unclear whether the database was accessed by a third party with malicious intent such as ransomware gangs or threat actors. But in case it did, it would be devastating for Civicom, its employees, and clients.
It is also possible that threat actors can use the exposed recordings to steal trade secrets and other sensitive information from the company’s clients. Moreover, a competitor can also pay big bucks for the trove of information amid the COVID-19 pandemic where it is difficult for businesses to survive.
If you are a Civicom customer it is time to contact the company and inquire about the incident.
More database mess up news