/https%3A%2F%2Fblueprint-api-production.s3.amazonaws.com%2Fuploads%2Fcard%2Fimage%2F910514%2F9ecc7a21-6ad5-499a-9826-6a493a637e88.jpg)
If you spent anytime on the internet this holiday season, you likely saw friends and family sharing a photo matching their face with their celebrity look-alike. If they didn’t share the photo, it very likely was made publicly available anyway.
The Twinning app created by Popsugar has been inadvertently making the photos uploaded by its users publicly available via an unsecured web address where the pics were stored.
TechCrunch discovered the data leak on Monday when it noticed an Amazon Web Services storage bucket URL in the source code of the Popsugar Twinning web app. A real-time photo stream of users uploading pics to the app was viewable when opening the AWS address in a web browser. Read more…
More about Popsugar, Photo Apps, Data Leaks, Tech, and Social Media Companies
View More Popsugar’s Twinning app was leaking your photo, even if you didn’t share it
If you do a search for Amazon S3 breaches due to customer error of leaving the data unencrypted, you’ll see a long list that includes a DoD contractor, Verizon (the owner of this publication) and Accenture, among the more high profile examples. Today, AWS announced a new set of five tools designed to protect customers from themselves and ensure (to the extent possible) that the data in S3…