
Modern enterprises understand that their data stores are ever-growing– and becoming more distributed through more IT systems, accounts, resources, and more. An enterprise with hundreds of cloud accounts and thousands of buckets and volumes would have been a statistical anomaly 10 years ago. In 2025, cloud usage at this scale is commonplace.
Organizations are also struggling with managing the configuration of these resources. According to Fortinet, 68% of organizations ranked misconfigurations as the most significant security threat to their public cloud. In the first quarter of 2025 alone, tens of millions of records were compromised due to cloud misconfiguration exploits, particularly targeting Amazon S3, despite 2021 being the last year such statistics were formally updated. Casmer Labs identified over ten major misconfiguration incidents involving leaks of more than 1000 records; eight of these were either related to or caused directly by public access to an Amazon S3 bucket or a similar service.
The most substantial publicly disclosed data loss event of Q1 2025 involved Hipshipper, a US shipping service, exposing 14 million shipping labels via a misconfigured and publicly accessible Amazon S3 bucket. These labels included sensitive customer information such as names, addresses, and contact details. Such exposure risks malicious actors using this data for social engineering, like phishing attacks. Other significant Q1 2025 breaches stemming from publicly accessible buckets include ESHYFT's exposure of over 86,000 healthcare records, and Oberlin Marketing's leak of over 320,000 sensitive files, mainly Medicare applications.
Managing the Threat of Misconfigurations
Even for organizations with small numbers of buckets, the misconfiguration threat is still significant. Human error however, the primary driver in most cybersecurity incidents, becomes largely more common and destructive when security teams are tasked to secure thousands of buckets and storage resources. When each bucket needs to be checked, sometimes manually, for dozens of critically important configuration options, the reality is that it can only be a matter of time until someone makes a mistake.
DataDefender by Cloud Storage Security proactively checks for over 90 security configuration options over 11 major cloud storage services. Checks are organized by severity, meaning that the most critical misconfigurations, such as publicly accessible Amazon S3 buckets or EBS snapshots, can be remediated before moving on to other issues.
Figure 1. Security checks summary page in DataDefender console.
As detailed in the above summary page, all open misconfiguration issues are surfaced, including the check itself, the number of open issues, and the risks associated with the misconfiguration. By clicking on the values in the Check Name or Open Issues columns, organizations can drill down to the individual misconfigurations, including where the name of the misconfigured resource, where the resource is located, and when the misconfiguration was detected.
Figure 1. Security checks findings page in DataDefender console.
From here, organizations can quickly respond and remediate any detected misconfigurations, preventing data breaches and data loss in the shortest amount of time possible.
About DataDefender and Cloud Storage Security
DataDefender by Cloud Storage Security offers customers complete protection over the entirety of their cloud storage environment. Make sure your organization:
- Knows where its sensitive data resides
- Configures their storage resources in a secure manner
- Prevents the ingestion and distribution of malware, including ransomware
- Identifies and stops internal and external attacks against storage, and the data within
The DataDefender beta program is available now. Sign up today and ensure that your organization’s data is protected according to its sensitivity.