Ethical Hacking News
A global accounting giant's 4TB SQL Server backup file was discovered publicly accessible on Microsoft Azure, highlighting the importance of continuous cloud visibility and leak detection tools in detecting such exposures before malicious actors exploit them.
started: 2025-10-31 10:42:55.022727
ending: 2025-10-31 10:49:15.307491
EY, a global accounting giant, suffered a massive data breach where a 4TB SQL Server backup file was found publicly accessible on Microsoft Azure. The file contained sensitive data such as schemas, user information, API keys, credentials, and authentication tokens. A cybersecurity firm called Neo Security discovered the exposure during a routine scan of the Microsoft Azure cloud storage platform. The incident highlights the importance of continuous cloud visibility and leak detection tools in detecting exposures before malicious actors exploit them. Experts stress that organizations must remain vigilant and proactive in identifying potential vulnerabilities before they are exploited by malicious actors. The exposure serves as a wake-up call for organizations to review their cloud storage security measures and implement robust monitoring tools.
EY, a global accounting giant, has recently fallen victim to a massive data breach. According to a recent report by Neo Security, a cybersecurity firm that specializes in identifying and exposing sensitive data left unsecured online, EY's 4TB SQL Server backup file was discovered publicly accessible on Microsoft Azure.
The incident occurred when Neo Security's lead researcher conducted a routine scan of the Microsoft Azure cloud storage platform using low-level tools. The researcher stumbled upon a massive 4TB SQL Server backup file with a .BAK extension, which indicated that it was a full database backup containing sensitive data such as schemas, user information, API keys, credentials, and authentication tokens.
The size of the file was equivalent to millions of documents or the contents of an entire library. The discovery of this massive file sparked concerns among cybersecurity experts, who highlighted the importance of continuous cloud visibility and leak detection tools in detecting such exposures before malicious actors exploit them.
Initial searches on Azure Blob revealed no owner information for the 4TB SQL Server backup, but a DNS SOA lookup linked the file to EY. Neo Security verified that the file was unencrypted by downloading just 1,000 bytes of its content, confirming real risk based on past fintech breaches from brief .BAK exposures.
To confirm ownership, Neo Security's researcher conducted various searches, including company name searches and business merger documents. The search revealed that EY had acquired a larger entity in 2020, but the parent company name was not immediately obvious. However, running an SOA record lookup pointed to an authoritative DNS server, which ultimately led to the discovery of EY's identity.
This incident serves as a stark reminder that even large organizations like EY can accidentally leave massive amounts of sensitive data exposed due to the complexity and speed of modern cloud environments. The automated scanning tools used by Neo Security highlight the importance of continuous monitoring and attack surface management in detecting such exposures before malicious actors exploit them.
In this era of automation, it is no longer a question of if an exposure will occur but rather how many actors can discover it. Experts stress that cybersecurity organizations must remain vigilant and proactive in identifying potential vulnerabilities before they are exploited by malicious actors.
The discovery of EY's 4TB SQL Server backup exposed on Microsoft Azure serves as a wake-up call for organizations to review their cloud storage security measures and implement robust monitoring tools to detect such exposures. It also highlights the importance of responsible disclosure, where cybersecurity firms like Neo Security proactively report vulnerabilities to affected organizations before publicly disclosing them.
In conclusion, the exposure of EY's 4TB SQL Server backup on Microsoft Azure serves as a stark reminder of the ongoing cat-and-mouse game between cybersecurity experts and malicious actors. As technology continues to evolve at an unprecedented pace, it is essential for organizations to prioritize their cloud storage security measures and remain vigilant in identifying potential vulnerabilities.
A 4TB SQL Server backup file belonging to global accounting giant EY was discovered publicly accessible on Microsoft Azure. The exposure highlights the importance of continuous cloud visibility and leak detection tools in detecting such exposures before malicious actors exploit them.
Related Information:
https://www.ethicalhackingnews.com/articles/Exposing-the-Unseen-A-4TB-SQL-Server-Backup-Left-Publicly-Exposed-on-Microsoft-Azure-ehn.shtml
https://securityaffairs.com/184062/data-breach/ernst-young-exposes-4tb-sql-server-backup-publicly-on-microsoft-azure.html
Published: Fri Oct 31 10:50:41 2025 by llama3.2 3B Q4_K_M
