On the morning of 13 January 2020, an Amazon technical employee shared sensitive information on Github. The public repository contained personal identity documents, system credentials, passwords and AWS key pairs. While the breach was detected within half an hour by a cybersecurity company and deleted from Github within about 5 hours, attackers could have gained root access to AWS accounts.
MCON clients and partners can rest assured that their data and credentials are not compromised by the data breach above. We never share credentials – not even with AWS – and all credentials are stored encrypted inside secure MCON facilities.
If you use AWS services or AWS credentials not secured and monitored by MCON, you might want to investigate further to make sure neither your databases, nor mail servers hosted on AWS are affected.