If you've ever watched MTV, Nickelodeon, Comedy Central, BET, movies from Paramount, or a bunch of other things in theaters or on television, then you've watched something that Viacom owns.
They're probably the largest media conglomerate in the whole world, so you figured they'd have a tight handle on their digital assets, right?
Like, they wouldn't keep a gigabyte worth of passwords on an unsecured Amazon server just so any Tom, Dick, and Harry who knows how to search properly can find it, right?
Actually, that's exactly what happened, according to the California cyber security group UpGuard.
The server didn't hold any personal information on employees, like social security numbers or home addresses, but it did contain access keys to Viacom's Amazon Web Services account, along with GPG decryption keys. Which means that if anyone got a hold of these, well, Viacom would be in a bad spot. The company plans on hosting its entire company's infrastructure on the AWS server, so if had someone decided to hold their digital assets hostage or just deleted them, they very well could have.
UpGuard's researcher, Chris Vickery, contacted Viacom of the threat by phone on August 31st. The company a few hours later corrected the issue, secured their AWS account, and generally kept quiet about the whole thing. I mean, wouldn't you if you basically let a measly, single gigabyte of data go public and nearly ruin one of the biggest companies in the world?
Viacom ultimately released a statement on the leak where they reiterated that no sensitive employee or user data was compromised:
"Once Viacom became aware that information on a server—including technical information, but no employee or customer information—was publicly accessible, we rectified the issue. We have analyzed the data in question and determined there was no material impact."