Ethical Hacking News
EY, one of the "Big Four" accounting and consulting firms, recently found itself at the center of a high-profile data breach that exposed its sensitive information to the public internet. A 4TB SQL Server backup file was left unencrypted and exposed for an unknown amount of time, allowing attackers to access trade secrets and credentials.
EY, a major accounting firm, suffered a data breach exposing its sensitive information on the public internet. The breach was caused by an unencrypted 4TB SQL Server backup file left accessible online for an unknown time. The incident highlights the dangers of cloud misconfiguration and the ease with which sensitive info can be leaked. The breach raises concerns about security awareness among cloud service users and the effectiveness of companies' incident response plans. Experts stress the need for greater security awareness, education, and effective incident response plans to prevent similar breaches.
EY, one of the "Big Four" accounting and consulting firms, recently found itself at the center of a high-profile data breach that exposed its sensitive information to the public internet. According to a report by Neo Security, a Dutch cybersecurity outfit, EY's 4TB SQL Server backup file was left unencrypted and exposed to the open web for an unknown amount of time, allowing attackers to access a treasure trove of secrets.
The breach highlights the dangers of cloud misconfiguration and the ease with which sensitive information can be leaked online. Neo Security's report notes that finding the exposed backup file was like discovering a master blueprint and physical keys to a vault, simply sitting there for anyone to find. The company's lead researcher downloaded the first thousand bytes of the file and found it to be unencrypted, a stark reminder of the lax security measures in place.
The breach is reminiscent of a similar incident that Neo Security investigated years ago, where an engineer was caught being lazy during a database migration. They set a bucket to public for five minutes, downloaded the full SQL database backup to migrate, and made it private again. This brief lapse in attention allowed attackers' automated scans to pick up on the exposure, and they downloaded the file for themselves, along with trade secrets and credentials.
Neo Security notes that modern cloud platforms make it trivially easy to export and back up databases. A few clicks, select your database, choose a destination bucket, and you're done. The export happens automatically in the background. However, this convenience comes at a steep price – the potential for catastrophic breaches like EY's.
The breach is particularly concerning because it highlights the lack of security awareness among users of cloud services. Neo Security notes that the tools are designed for convenience, not security, and assume that users know what they're doing. They don't warn users that exporting their entire customer database to a bucket that's readable by anyone on the internet can have devastating consequences.
The incident also raises questions about the effectiveness of companies' incident response plans. In this case, EY's response was praised as professional and effective, but it's unclear for how long the file was exposed. The researcher who discovered the breach had to frantically cold-message LinkedIn to be put through to the company's incident responders.
The breach is a stark reminder that even the largest and most secure companies can fall victim to data breaches. It highlights the need for greater security awareness and education among users of cloud services, as well as more effective incident response plans.
In conclusion, EY's 4TB SQL backup file breach is a wake-up call for the cloud community. It highlights the dangers of cloud misconfiguration and the ease with which sensitive information can be leaked online. As cloud usage continues to grow, it's essential that we prioritize security awareness and education, as well as invest in more effective incident response plans.
Related Information:
https://www.ethicalhackingnews.com/articles/Exposing-the-Elephant-in-the-Room-EYs-4TB-SQL-Backup-File-Breach-Reveals-the-Dangers-of-Cloud-Misconfiguration-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/
Published: Wed Oct 29 14:53:10 2025 by llama3.2 3B Q4_K_M
