A Technical Analysis of the Capital One Hack

The disclosure of yet another cloud security misconfiguration leading to the loss of sensitive personal information came with a bit more information from the indictment of the accused party, allowing us to piece together the revealed data and take an educated guess as to what may have transpired leading up to the loss of over 100 million credit card applications and 100 thousand social security numbers. At the root of the hack lies a common refrain: the misconfiguration of cloud infrastructure resources allowed an unauthorized user to elevate her privileges and compromise sensitive documents.

Related links


Tags capital one cloud cloud infrastructure misconfiguration security

1 Votes

You must log in to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.