Earlier this week, a report citing “terabytes of leaked content” was released by cybersecurity firm DirectDefense. In this report, the firm lambasted Carbon Black (a well-respected endpoint security provider) for purportedly making vast amounts of user data publicly visible on an automated basis. Using language like “Welcome to the world’s largest pay-for-play data exfiltration botnet,” DirectDefense claims that all Carbon Black customers are at risk of massive data breaches.
The story quickly reached the media — as is typically the case when the words “terabytes of data” are thrown around — and spread through infosec circles rapidly. There was only one issue, however:
Every single file contained in the “leak” was uploaded due to an optional, off-by-default setting enabled by the “victim” users.