• News
  • Interviews
    • Featured Interviews
    • Hot Seat
  • Podcasts
  • Innovation Corner
  • Articles
  • Insights
    • Quick Bytes
    • Guest Author
    • Editor’s View
    • Use Cases
    • Events
  • Resources
Search
Monday, June 27, 2022
Sign in
Welcome! Log into your account
Forgot your password? Get help
Privacy Policy
Password recovery
Recover your password
A password will be e-mailed to you.
EnterpriseTalk EnterpriseTalk EnterpriseTalk
  • News
  • Interviews
    • Featured Interviews
    • Hot Seat
  • Podcasts
  • Innovation Corner
  • Articles
  • Insights
    • Quick Bytes
    • Guest Author
    • Editor’s View
    • Use Cases
    • Events
  • Resources
Home News Secret Apple Data Leak from Public Box Account
  • News

Secret Apple Data Leak from Public Box Account

By
Suprotik Sinha
-
March 12, 2019
Data

Adversis a cyber-security firm claiming it has discovered that Box Customers were leaking corporate data belonging to 90+ companies. It is a data management service similar to OneDrive and Google Drive, used by several big companies like Amadeus, Apple, Discovery, and more.

The exposure is due to easy guessing or forcing of Box account shared document URLs, and is not a bug. The companies are not aware that they were leaking sensitive corporate and other customer information when public links to files shared. Box accounts and enterprise accounts are private by default. The files can be shared with anyone by the users. If users successfully guess the URL, which often contains sensitive data, they can access it by guessing.

The TechCrunch report says, “Although data stored in Box enterprise accounts are private by default, users can share files and folders with anyone, making data publicly accessible with a single link. But Adversis said others could discover these secret links. Using a script to scan for and enumerate Box accounts with lists of company names and wildcard searches, Adversis found over 90 companies with publicly accessible folders.”

Box spokesperson Denis Roy told the publication, “We take our customers’ security seriously, and we provide controls that allow our customers to choose the right level of security based on the sensitivity of the content they are sharing. In some cases, users may want to share files or folders broadly and will set the permissions for a custom or shared a link to the public or ‘open.’ We are taking steps to make these settings more clean and bright, better help users understand how their files or folders can be shared, and reduce the potential for content to be shared unintentionally, including both improving admin policies and introducing additional controls for shared links.”

  • TAGS
  • Adversis
  • Amadeus
  • Apple
  • Box Account
  • Cyber
  • Cyber Security
  • Data
  • Discovery
  • Google Drive
  • technology
Linkedin
Twitter
Facebook
    Previous articleUltrasound Machines are Vulnerable to Hacking
    Next articleHP Technologies – Recall of Batteries for Notebook Computers and Mobile Workstations
    Suprotik Sinha
    https://enterprisetalk.com/
    Suprotik Sinha is the Global News Correspondent with OnDot Media. He writes about technologies and trending news in the global enterprise space. An animal lover, Suprotik, is a postgraduate from Symbiosis Institute of Mass Communication (SIMC) Pune. He carries two years of experience in mainstream broadcast media where he worked as a reporter with Ibn7 and Zee Media in Mumbai.

    RELATED ARTICLESMORE FROM AUTHOR

    Innovaccer Becomes a part of CARIN Alliance to Advance Access and Interoperability in the Healthcare Ecosystem-01

    Innovaccer Joins the CARIN Alliance to Advance Access and Interoperability in the Healthcare Ecosystem

    Citi_ J.P. Morgan and AccessFintech Accomplish Operational Efficiencies Through Data and Workflow Collaboration-01

    Citi, J.P. Morgan and AccessFintech Achieve Operational Efficiencies Through Data and Workflow Collaboration

    Quectel releases dual-band high precision GNSS module LC29H with RTK and DR technologies-01

    Quectel releases dual-band high precision GNSS module LC29H with RTK and DR technologies

    FEATURED ARTICLES

    The End-User Expenditure on IT Services in India Will Reach Almost $18 Billion in 2021

    The End-User Expenditure on IT Services in India Will Reach Almost $18 Billion in 2021

    August 18, 2021
    Infrastructure

    Risks of Transforming Legacy Infrastructure

    February 14, 2019
    Managed Infrastructure Services - Top Four Big Trends Disrupting-01

    Managed Infrastructure Services – Top Four Big Trends Disrupting This Space

    December 21, 2021


    A Peer Knowledge Resource – By the CXO, For the CXO.

    Expert inputs on challenges, triumphs and innovative solutions from corporate Movers and Shakers in global Leadership space to add value to business decision making.

    Media@EnterpriseTalk.com
    Sales@EnterpriseTalk.com

    Top Picks

    • Innovaccer Joins the CARIN Alliance to Advance Access and Interoperability in the Healthcare Ecosystem
    • Citi, J.P. Morgan and AccessFintech Achieve Operational Efficiencies Through Data and Workflow Collaboration
    • Choosing the Right Cloud Storage for Enterprises
    • Factors to Consider Before Making an Investment in a CDP
    • Intel Delays Opening Of Ohio Factory Until Congress Deliberates the CHIPS Act

    Visit Our Other Publication

    Quick Links

    • About Us
    • News
    • Featured Articles
    • Featured Interview
    • Hot Seat Interview
    • Quick Bytes
    • Featured Events
    • Resources
    • Privacy Policy
    • Do Not Sell My Information

    SUBSCRIBE TO OUR NEWSLETTER

    An Imprint of OnDot ® Media © | All rights reserved | Privacy Policy