<div dir="ltr">The person that got access to their system was not an AWS employee when the breach happened. The person got access via a misconfigured server/system that wasn't Amazon's fault.<div><br></div><div>See the original court case for details: <a href="http://regmedia.co.uk/2019/07/29/capital_one_paige_thompson.pdf">http://regmedia.co.uk/2019/07/29/capital_one_paige_thompson.pdf</a><br></div><div><br></div><div>This is the same as saying it's Amazon's fault that people make their S3 buckets public and information gets exposed.</div><div><br></div><div>Andras</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Sep 11, 2019 at 12:26 PM Chad Kelly <<a href="mailto:chad@cpkws.com.au">chad@cpkws.com.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 9/11/2019 12:00 PM, <a href="mailto:ausnog-request@lists.ausnog.net" target="_blank">ausnog-request@lists.ausnog.net</a> wrote:<br>
<br>
> When someone questions whether this-or-that was predicted, this seems most<br>
> likely to indicate either the plausibility of the threat, or which side of<br>
> a closed door the questioner was on when the discussions were held.<br>
<br>
I'd worry less about people placing explosives in servers and more about <br>
making sure that proper checks are in place for the people with access <br>
to information.<br>
<br>
<br>
AWS is a good example of this, they really need to lift their game.<br>
<br>
Stuff like the Capital One incident just shouldn't happen and as a <br>
result of that I am not recommending AWS to any of our customers.<br>
<br>
That isn't the only reason, but the fact Capital One are still with AWS <br>
after that incident scares me a little, if I was them I would of dumped <br>
them as a vendor immediately.<br>
<br>
Basically Datacentres and network operators need to force all staff to <br>
undergo regular checks particularly when dealing with sensitive info.<br>
<br>
I also am aware that the Capital One case isn't Australian, but it is <br>
still a good example of why providers need to keep an eye on who has <br>
access to certain info.<br>
<br>
<br>
-- <br>
Chad Kelly<br>
Manager<br>
CPK Web Services<br>
Phone 03 5273 0246<br>
Web <a href="http://www.cpkws.com.au" rel="noreferrer" target="_blank">www.cpkws.com.au</a><br>
<br>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>