Over 250 million artifacts and more than 65,000 container images have been discovered in thousands of misconfigured cloud
software registries, according to SecurityWeek
Organizations of all sizes worldwide, including ten Fortune 500 firms, owned the impacted registries, but only registries of five Fortune 500 companies had highly sensitive data, a report from Aqua Security revealed. One of the two misconfigured container image registries owned by an international tech firm enabled the download of artifacts, with threat actors obtaining an active API key for internal binary downloads.
"We later learned that this was a case of Shadow IT, where a developer with a side project opened an environment against policy and regulations without proper controls," said Aqua Security, which noted that the exposure had already been addressed by the tech company.
Researchers also noted a healthcare organization to have an exposed container image registry with PGP keys and staging environment, Stripe payment app key, and code access, which could have been targeted by state-sponsored or financial attackers.