There's a reason that third-party vendor risk is one of the most attended topics at SecureWorld cybersecurity conferences.
Here it is.
A data vendor for Ford, Netflix, and TD Bank just got caught with a leaky AWS S3 bucket. And this bucket was loaded with treasure, as ZDNet reports:
The exposed information included backups of employees' OneDrive accounts; email correspondence; system passwords; private keys for production systems; sales and marketing contact information; project specifications; employee personal data; and more.
For example, UpGuard researchers found usernames and passwords for Netflix production database systems, TD Bank invoices for internal software employees were using, and various Ford internal project files.