Sensitive data was openly accessible due to a misconfiguration of the cloud storage
Authorities in Ghana are investigating an apparent data protection breach that may have revealed the personal information of hundreds of thousands of citizens of the West African country.
Researchers at vpnMentor say they discovered a treasure trove of unencrypted data in an Amazon Web Services (AWS) storage silo connected to Ghana’s National Service Secretariate (NSS).
NSS manages mandatory annual public service programs that are mandatory for most Ghanaian graduates and that involve thousands of young people working for 12 months in sectors such as health care and education as a form of national service.
Some of the three million files related to NSS’s work stored in an AWS S3 bucket were password-protected, but many were not – an oversight that exposed an estimated 500,000 to 600,000 people from March 2018 through late 2021. said vpnMentor.
Misconfiguration of the cloud storage
The AWS S3 …