Video conference company Civicom has had a data leak, found by the Website Planet Security team. Over 100,000 files were included in the Civicom data leak for a total of 8TB+.
Civicom Data Leak
Civicom specializes in online video conferencing and the files included audio and video files of private customer meetings. As is typical of this kind of data leak it was due to a misconfigured AWS S3 bucket, as opposed to attackers actively breaking into the system. Four separate datasets were exposed:
- Videos of meetings
- Clipped Highlights
- Audio recordings
- Audio Transcripts
The security team notes that since Civicom is a B2B company, its clients could have sensitive company data, intellectual property, or trade secrets leaked. Employees of Civicom’s clients had their personal information exposed:
- full names; and
- images of employees’ faces and bodie
The bucket was live and being actively updated at the time of discovery. It has been live since February 2018. The team is quick to note that Amazon isn’t responsible for the management of their clients’ buckets and has no fault in these matters.
Videos of meetings lasted anywhere from one to two hours, and some were recorded with a 360-degree camera. WebSite Planet shared a few blurred-out images of video meetings. Clipped highlights are another form of video exposed on the server. These videos show the most important snippets of information discussed in meetings.
The bulk of the dataset were the audio recordings, although the team couldn’t confirm if those meetings were separate from the video meetings. Audio transcriptions were few in number, and most were done through Amazon Transcribe. Some transcriptions were also created using TrancriptionWing, a Civicom service.
Website Planet also said, “We cannot and do not know whether malicious actors have gained access to the content of Civicom’s open AWS S3 bucket. However, bad actors may have found Civicom’s bucket.”