Thursday, February 29, 2024
Archived Post

Some Apple folders exposed in misconfigured Box accounts snafu

Security researchers at Adversis, a cybersecurity firm, have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can be easily discovered, reports TechCrunch.

The discoveries were made by Apple had several folders exposed, containing what appeared to be non-sensitive internal data, such as logs and regional price lists, the report adds. Data stored in Box enterprise accounts is private by default, users can share files and folders with anyone, making data publicly accessible with a single link. 

Adversis said these secret links can be discovered by others. Using a script to scan for and enumerate Box accounts with lists of company names and wildcard searches, Adversis found over 90 companies with publicly accessible folders, notes TechCrunch.

Dennis Sellers
the authorDennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.