While the latest figures from Statista have shown that at least 40% of French companies have already been attacked online this past year, this figure could increase due to simple security breaches.
With more and more data stored online, and solutions like AWS (Amazon Web Services), more and more companies are delegating their files, including the most important ones. But if this choice is often made for practical reasons, this can have harmful consequences for businesses.
A flaw in WorkComposer endangers its users
Even if WorkComposer is still very little known in France, it is a very popular application in the United States. With more than 200,000 users in large American companies, and a very attractive monthly rate per user of $2.99, WorkComposer aims to boost employee productivity.
But if everything seemed to be succeeding in This startup, a security flaw discovered by Cybernews journalists could call everything into question. In order to be more efficient, WorkComposer regularly records its users' activity through screenshots.
Although the idea is ingenious and particularly appreciated by managers of large organizations, the security flaw has allowed us to get our hands on 21 million screenshots of WorkComposer users.
A misconfiguration of an Amazon server
In the Cybernews study published on April 24 by Paulina Okunytė, we learn that the WorkComposer application is not directly involved. Indeed, the data leak is believed to have come from a misconfiguration of an Amazon server.
In order to store the very many screenshots of users, the application uses Amazon S3 buckets, that is to say storage containers, on the AWS hosting platform.
Unlike the vast majority of storage servers offered by Amazon, the one used by WorkComposer appeared to have a configuration fault. According to the investigation conducted by Cybernews, this allowed confidential information from major American companies to be exposed.
Data leaks on the rise
This is not the first time that software has been at the center of controversies regarding data leaks. In January 2025, another Cybernews investigation already revealed that 13 million screenshots had been leaked from WebWork.
Given the increasing number of these data leaks, it is highly likely that the coming months will reveal a new scandal...
0 Comments