Massive 4TB EY Database Backup Found Publicly Accessible on Azure
gbhackersA critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure.
The exposure was identified by security researchers during routine internet mapping operations and has since been remediated following responsible disclosure protocols.
Discovery and Initial Response
Security researchers conducting passive data collection discovered the massive backup file through standard reconnaissance techniques.
A HEAD request to the Azure storage bucket returned metadata indicating a 4-terabyte object an unusually large file that immediately warranted investigation.
The file naming convention matched SQL Server backup (.BAK) file formats, suggesting a complete database export containing schemas, stored procedures, and potentially sensitive data including API keys, session tokens, user credentials, and authentication tokens.
To verify the file’s authenticity without downloading the entire dataset, researchers examined the file’s header signatures the ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE