Check Point researchers have uncovered thousands of sensitive data exposed on the cloud by mobile app developers.
The researchers discovered 2,113 data in which the backend database was left unprotected and accessible to hackers.
The exposed data include chat messages in gaming apps, personal files such as family photos, token IDs for healthcare apps, and data from cryptocurrency exchange platforms.
“Cloud misconfigurations are the consequences of lack of awareness, proper policies, and security training that are further heightened and needed with the new work from the home hybrid model. Bad security practices can cause extensive damage and is yet only one simple click away from being remediated,” Check Point explained.
Check Point offered developers tips to help them better protect databases. This includes following AWS CloudGuard S3 Bucket Security procedures, ensuring that the cloud storage database is not publicly or anonymously accessible.
Developers are also advised to ensure that the default network access rule for Storage Accounts is set to deny Rule ID.