Capital One was hacked by a software engineer.
Once again, S3 bucket got hacked because of one misconfiguration. And it contains millions of people's personal information and credit history. Some thoughts on what happened to Capital one (3rd Credit Card issuer in the world)
- If one misconfiguration can lead to massive data breach (including encrypted data), and it happens again and again, this cloud provider probably needs to improve its security design.
- Security is hard and it's even harder in the cloud. But can you ask more often "What Could Go Wrong" if your job is to defend millions of people's credit card information.(FBI report: https://www.justice.gov/usao-wdwa/press-release/file/1188626/download)