Hapless ‘AWS engineer’ spilled customer passwords, keys on public GitHub repo

Hapless AWS engineer spilled passwords, keys, confidential internal training info, customer messages on public GitHub

Updated An Amazon Web Services engineer published exchanges with customers and “system credentials including passwords, AWS key pairs, and private keys” to a public GitHub repository by accident. On 13 January, infosec biz UpGuard discovered a 954MB repository containing AWS resource templates – used to create cloud services – plus hostnames, and log files generated in the second half of 2019.