Millions Of Employee PC Screenshots Exposed

By John Lister

An employee monitoring app mistakenly exposed 21 million screenshots of workers' monitors. The images were viewable in real time, potentially uncovering all manner of sensitive information.

WorkComposer is an app reportedly installed on 200,000 employee computers. The idea is that managers can track employees, whether they are in an office or working remotely.

As well as logging keystrokes and time spent on individual apps, the software takes a screenshot regularly, with conflicting reports putting this as every few minutes or every 20 seconds. This means it should be easy for managers to quickly spot if workers are using their computer for inappropriate purposes. (Source: techradar.com)

The problem is that the setup appears not to involve the managers directly accessing the worker's computer, but rather the data being transferred to an S3 bucket. That's a name given to an online cloud storage facility operated by Amazon, a little like a digital version of a self storage unit.

Open To View

Researchers for the Cybernews site discovered that one such bucket was not secured and could be accessed by anyone online. While Cybernews didn't reveal exactly what it saw, it appears the bucket was full and replenishing in real time with the latest screenshots from worker computers.

Without saying exactly what it saw, Cybernews noted there was a major security risk as screenshots could include "full-screen captures of emails, internal chats, and confidential business documents, but also contain login pages, credentials, API keys, and other sensitive information." (Source: cybernews.com)
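For administrators who want to check their own storage, the following added example (not code from WorkComposer or Cybernews) evaluates a bucket's policy, access control list and Public Access Block settings for anonymous read access. The reports do not say which setting left the bucket open, so the sample configuration and the bucket name are constructed, and the function name `public_read_findings` is hypothetical.

```python
import fnmatch
import json

# ACL grantee groups that S3 treats as "everyone" / "any AWS account holder".
PUBLIC_GROUPS = ("http://acs.amazonaws.com/groups/global/AllUsers",
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _read_actions(actions):
    """Read/list actions covered by the statement's action patterns (wildcards included)."""
    return sorted(t for t in ("s3:GetObject", "s3:ListBucket")
                  if any(fnmatch.fnmatchcase(t.lower(), a.lower()) for a in actions))

def public_read_findings(policy_json, acl_grants, block):
    """Return the reasons anyone on the internet can read the bucket ([] if none)."""
    findings = []
    # RestrictPublicBuckets neutralises an existing public policy.
    if policy_json and not block.get("RestrictPublicBuckets"):
        for st in _as_list(json.loads(policy_json).get("Statement", [])):
            principal = st.get("Principal")
            if isinstance(principal, dict):
                principal = "*" if "*" in _as_list(principal.get("AWS", [])) else None
            hits = _read_actions(_as_list(st.get("Action", [])))
            # Simplification: statements with a Condition are left for manual review.
            if st.get("Effect") == "Allow" and principal == "*" and hits and "Condition" not in st:
                findings.append("policy allows anonymous " + ", ".join(hits))
    # IgnorePublicAcls makes S3 disregard public ACL grants.
    if not block.get("IgnorePublicAcls"):
        for grant in acl_grants:
            uri = grant["Grantee"].get("URI")
            if uri in PUBLIC_GROUPS and grant["Permission"] in ("READ", "FULL_CONTROL"):
                findings.append("ACL grants %s to %s" % (grant["Permission"], uri.rsplit("/", 1)[-1]))
    return findings

# Constructed sample configuration (bucket name is a placeholder, not from the report).
EXPOSED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-screenshots", "arn:aws:s3:::example-screenshots/*"]}]})
EXPOSED_ACL = [{"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"},
               {"Grantee": {"Type": "Group", "URI": PUBLIC_GROUPS[0]}, "Permission": "READ"}]
BLOCK_ALL = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
             "BlockPublicPolicy": True, "RestrictPublicBuckets": True}

if __name__ == "__main__":
    print(public_read_findings(EXPOSED_POLICY, EXPOSED_ACL, {}))         # misconfigured
    print(public_read_findings(EXPOSED_POLICY, EXPOSED_ACL, BLOCK_ALL))  # locked down
```

The three inputs have the same shape as the bucket policy document, the ACL grant list and the Public Access Block configuration that the S3 API returns for a bucket.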

Privacy Law Problems

The site also noted that if the screenshots included any personal data about employees, suppliers or clients, WorkComposer and the companies that used it could face serious consequences for breaches of privacy laws in Europe and several US states.

The security issue was fixed shortly after Cybernews reported it. The site waited two months to report on the story to give adequate opportunity for WorkComposer to make permanent changes to stop it happening again. At the time of writing WorkComposer had not commented publicly.

What's Your Opinion?

Have you ever been asked to use employee monitoring software? Do you trust remote access software to be adequately secured? Are data protection laws tough enough to stop such breaches?


Comments

repete_14444

Thank you for alerting us to this; it's the first I'm seeing about it. I hope the managers/employers who use this spyware are punished as well as those at WorkComposer and the online cloud storage facility operated by Amazon. I wonder if the workers were aware of being spied on. They should be compensated in any case.