The File That Contained the Keys Has Been Removed - An Analysis of Secret Leaks in Cloud Buckets and Responsible Disclosure Outcomes

Explore a comprehensive security research presentation analyzing the critical issue of secret leaks in misconfigured cloud storage buckets across AWS S3, Google Cloud Storage, and Azure Blob Storage. Discover how sensitive configuration files containing API keys, credentials, and other secrets become inadvertently exposed through improperly configured cloud environments, creating significant security vulnerabilities for organizations worldwide. Learn about the systematic methodology used to scan publicly accessible cloud buckets, which identified 215 instances of exposed sensitive credentials that could provide unauthorized access to databases, cloud infrastructure, and third-party APIs. Examine the responsible disclosure process undertaken by the researcher, including how 95 security issues were successfully remediated through coordinated efforts with affected organizations and cloud service providers. Understand the varied organizational responses to security disclosures, from direct communication and prompt remediation to silent fixes implemented without feedback to the disclosers. Gain insights into the global prevalence of this security challenge and the diverse approaches organizations take when addressing critical cloud security risks. Benefit from the expertise of Soufian El Yadmani, Founder & CEO of Modat and PhD Researcher at Leiden University, who also serves as Head of Research at CSIRT.global, as he presents findings from this important cybersecurity research conducted at fwd:cloudsec Europe 2025.