Amazon and Microsoft allow Google indexing files in Blob Storage

Microsoft and Amazon are giants in the cloud storage business. With Microsoft’s Azure platform, and Amazon’s AWS, they dominate the cloud file storage market. Both of these companies take security and privacy seriously, ensuring customers that the data they upload to cloud is safe. This is why it was such a shock to find that they both allow Google to index the files in the blob storage.

Although this was discovered by a security researcher in 2011, it has recently garnered the attention of security professionals on twitter. Mikko Hypponen of F-Secure pointed his followers to try out the “bug” by searching for content on Azure Blob Store with the words “Confidential” in it:

That search query "confidential" yields some very interesting results:

To search for content in Amazon’s AWS storage, use the query:

site: "confidential"

You can also search for specific types of files, for example:
site: filetype:xls password
site: filetype:xls secret
site: "TOP SECRET"

Author: Dev

Full Stack Developer at one of the largest Banks in Canada.