93 Million Mexican Voter Database Exposed On Amazon Cloud - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
93 Million Mexican Voter Database Exposed On Amazon Cloud
Newest First  |  Oldest First  |  Threaded View
Susan Fourtané
50%
50%
Susan Fourtané,
User Rank: Author
4/28/2016 | 5:34:57 AM
Re: When is a breach not a breach?
Charlie, 

That's the problem, that no one can know with certainty that it did get taken down quickly enough. 

This is the main problem I see: 

"INE maintains a database of 93 million voters in Mexico with all the personal information that qualifies them for a government ID and to vote. It makes copies available -- to whom and under what circumstances is not clear --" 


Do you have the knowledge of any other government making copies of such data available? 

-Susan 
Susan Fourtané
50%
50%
Susan Fourtané,
User Rank: Author
4/28/2016 | 4:54:55 AM
Re: AWS and the Cloud Services Learning Curve
Technorati, 

I don't see there was a breach in this case either.  It rather shows how important it is to configure properly, and most of all it's a clear example of what any security expert recommends: Always encrypt your data. Encryption is what determines how secure the data will be in the cloud. 

A cloud service provider is responsible for the cloud infrastructure security. But it's the responsibility of the cloud users to encrypt, protect, and secure their data. There is not too much science in that. 

So, the person who obtained the copy of the data had no idea about the basics of cloud storage when dealing with sensitive data. 

But, I believe the most important thing to question here is how and why the Mexican government allows anyone to have a copy of such data. This is not clear to me.

How can a citizen trust a government that makes it so easy for anyone to access the information of every single citizen? I believe that's the main issue here. Otherwise, this would have never happened. 

-Susan 
impactnow
50%
50%
impactnow,
User Rank: Author
4/27/2016 | 5:48:59 PM
Security not just a cloud issue
I think it's more of an issue of multi tenet cloud versus exclusive cloud. It is also just an overall security issue with both detection and prevention it could happen in any multi tenet cloud environment that is not well protected.
jries921
50%
50%
jries921,
User Rank: Ninja
4/27/2016 | 12:38:03 PM
That should make lots of news in Mexico
'Tis a pity those responsible will never have to face the voters, as in Mexico, nobody is allowed to be reelected.
IbarraSalas
50%
50%
IbarraSalas,
User Rank: Apprentice
4/26/2016 | 4:15:12 PM
Not-so-subtle Homework
A most peculiar case, yet I find myself agreeing with what was said in another post: I sincerely doubt there was an attempt of foul play or even a data leak, it just happens that whoever was responsible for keeping this particular copy in place didn't have the proper information on how to use the tools at hand, a shame, and slightly amusing.

Knowing this lovely country of ours however, its probably going to be kept under wraps and solved through official channels, away from most information center
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
4/26/2016 | 2:52:47 PM
When is a breach not a breach?
Well said, Technocrati. I don't view it as a breach, either, although some may disagree. However, an unauthorized raid on the information was inevitable, if it didn't get taken down quickly. And we don't know for sure that none occurred. The bad outcomes could show up later.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
4/26/2016 | 2:32:14 PM
AWS and the Cloud Services Learning Curve

This is an interesting case of Data getting out.  I don't see this as a breech but rather shows how difficult it is to really  understand the mechanics of AWS MongoDB.   

The person who obtained a copy obviously did not understand the process well enough to apply security measures, which underscores the fact  that if one uses a Cloud based solution, there is still a learning curve to endure and security is not guaranteed until the effort is made to do so.

 

Mistakes can still be made of course, but the effort to understand how a service works is worth the embarrassment.



The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll