Dec 6, 2019 12:08:14 PM
.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
Dec 6, 2019 12:08:14 PM
The target: Sprint, an American telecommunications company.
The take: 261,300 documents, including phone bills and bank statements containing: names, addresses, phone numbers, and in some cases, screenshots with subscribers’ online usernames and account PINs.
The attack vector: A misconfigured cloud storage bucket was publicly exposed and not protected by a password, allowing anyone with internet access to download the contents. The misconfiguration was traced a marketing agency contracted by Sprint.
Any subsidiary or contractor which handles sensitive data is a potential breach source. Internal security controls must be extended to third parties handling a firm’s sensitive data.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy