Skip to main content
close search
site logo
Dive Brief

Cloud storage buckets leaking secret data despite security improvements

New data from Tenable highlighted significant improvements in the number of businesses with publicly exposed and critically vulnerable buckets storing sensitive data.

Published June 18, 2025
Eric Geller's headshot
Senior Reporter
An attendee passes an AWS logo on a escalator at the AWS re:Invent 2024 conference hosted at in Las Vegas on December 3, 2024.
An attendee passes an AWS logo on an escalator at the AWS re:Invent 2024 conference in Las Vegas on Dec. 3, 2024. Researchers on Wednesday reported that many of AWS's and its competitors' cloud buckets contain sensitive data. Noah Berger / Stringer via Getty Images
This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • Nearly one in 10 publicly accessible cloud-storage buckets contained sensitive data, with virtually all of that data considered confidential or restricted, according to a new report from Tenable based on scans conducted between October 2024 and March 2025.
  • On the other hand, more than eight in 10 organizations using Amazon Web Services have enabled an important identity-checking service, according to the report, published on Wednesday.
  • The number of organizations with triple-threat cloud instances — “publicly exposed, critically vulnerable and highly privileged” — declined from 38% between January and June 2024 to 29% between October 2024 and March 2025.

Dive Insight:

Tenable’s report highlights serious risks facing cloud storage users, as well as some promising security trends.

Amazon Web Services hosted more sensitive data (16.7% of its buckets) than Google Cloud Platform (6.5%) and Microsoft Azure (3.2%), the report showed. According to Tenable, that could be because “users are confident in the AWS security measures they have put in place” or because of AWS’s longevity as a cloud provider.

Cloud buckets’ configuration settings may be leaking secret data, Tenable said. Researchers found sensitive information in 54% of AWS users’ Elastic Container Service task definitions and 52% of Google CloudRun environment variables. In addition, Tenable found that more than a quarter of AWS users were storing sensitive information in their user data. 

Overall, 3.5% of AWS EC2 instances contained secrets in user data. Tenable called this “particularly concerning,” noting that attackers who access these secrets “can use them to trigger a cascade of exploitative activity.”

Tenable’s report also dove into “toxic cloud trilogies” — instances that are publicly exposed to the internet, contain critical vulnerabilities and contain highly privileged data. Researchers saw promising declines in multiple metrics, including the number of organizations with at least one such bucket on AWS or GCP (down from 38% to 29%), the number of organizations with five of them (down from 27% to 13%) and the number of organizations with 10 of them (down from 15% to 7%). Even so, Tenable said, “these findings show that toxic cloud trilogies continue to pose an urgent problem for organizations.”

Filed Under: Vulnerability, Threats

Editors' picks

Company Announcements

View all | Post a press release
Concierge Cyber Launches Concierge Cyber InsurePLUS: Standalone Cyber Insurance with the My-CH…
From Concierge Cyber
June 18, 2025
Concierge Cyber logo
iOT365 and Civitas Group Announce Strategic Partnership to Deliver Advanced OT and IoT Cyberse…
From iot365
June 18, 2025
iot365 logo
Mckinsey Nextrend: 5 Tools That Help You Sleep Better at Night (If You’re a CISO)
From Mckinsey Nextrend
June 04, 2025
DNS4EU Launches European Alternative to Google and Cloudflare DNS, Powered by Whalebone
From Whalebone
June 11, 2025
Whalebone logo
Editors' picks
Latest in Vulnerability
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.