Security firms pay more attention to unsecure cloud back-ends, which have been found to contain terabytes of data. Appthority published its investigation results, which found that nearly 43 TB of enterprise data had been exposed on cloud backends. This follows a similar report by another security company. Appthority’s new 2017 Q2 Enterprise Mobile Threat Report (free to register) revealed that mobile apps are leaking data to unencrypted cloud back-ends. Security concerns usually focus on three factors: apps, device threats, and network threats. However, this data leakage on the back end was dubbed “HospitalGown”, because of the garment’s open back. Appthority stated in a blog last week that they found nearly 43 TB of data exposed, and 1,000 apps affected. “We still found 280,000,000 records exposed when we looked at 39 apps, which is a total of 163 GB data. This is a huge amount of information and can sometimes be the entire enterprise’s operational or customer data. This report is similar to a RedLock Inc. report that revealed security problems primarily due to user misconfigurations on public clouds platforms. Amazon Web Services Inc. (AWS), was prominently mentioned in the report. RedLock stated that 82 percent of hosted databases are still unencrypted. Appthority also mentions the AWS cloud in its new report. One of the report’s key findings was that the enterprise threat is real. The apps connect to unsecured databases using a variety of popular enterprise services, such as Elasticsearch or Amazon Web Services. Ransomware attacks targeting unsecure Elasticsearch servers, MongoDB databases, and other enterprise services generated a lot of publicity in the security industry. The problem was not addressed by the media. The report states that weakly secured back-ends in apps used to by employees, customers, and partners create a range security risks, including data leaks of personally identifiable data (PII), and other sensitive data. They also increase the risk of spearphishing, brute force logins, social engineering, ransomware, and other attacks. HospitalGown makes it much easier to access data and exfiltrate than other types of attacks. The report’s key findings were listed by the company as follows:

The affected apps are connecting to unsecured databases on popular enterprise services such as Elasticsearch or MySQL, which are leaking large amounts sensitive data.
Apps that used just one of these services exposed almost 43TB of data.
Multiple affected apps were able to leak PII including passwords and travel details, payment details, location and travel details, corporate profile data (including employee VPN PINs, emails and phone numbers) and customer data.
Due to the risk’s location in the architecture stack of mobile app vendors, enterprise security teams don’t have visibility into the risk.
Multiple times, data have been accessed and ransomed by unauthorized persons in multiple cases.
Even apps that have been removed form devices and app stores pose a risk because of sensitive data that is still stored on unsecure servers.

According to the company, its Mobile Threat Team discovered the HospitalGown vulnerabilities using a combination its dynamic app analysis tool with a new back end scanning method. This scan looked at the network traffic on more that 1 million enterprise mobile apps, iOS and Android. Appthority stressed that all HospitalGown vulnerabilities were the same as the RedLock reports.