3 Public Cloud Security Incidents That Changed Everything!
Cloud security today in 2025 is a lot more mature, with many professionals with certifications from one or more cloud providers. This was not always the case. Today we are looking back at the 3 Public Cloud Security Incidents that changed the way everything
Hello from the Cloud-verse!
This week’s Cloud Security Newsletter topic is 3 Public Cloud Security Incidents That Changed Everything!

3 of the Most Impactful Cloud Security Breaches so far (Image Credit: Dalle)
In case this is your first Cloud Security Newsletter, you are in good company!
You are reading this issue along with your friends and colleagues from companies like Netflix, Citi, JP Morgan, Linkedin, Reddit, Github, Gitlab, CapitalOne, Robinhood, HSBC, British Airways, Airbnb, Block, Booking Inc & more who subscribe to this newsletter and who, like you, want to learn what’s new with cloud security each week from their industry peers, like the many others who listen to Cloud Security Podcast & AI CyberSecurity Podcast every week.
Welcome to this week's edition of the Cloud Security Newsletter!
This week, like everyone in January, we're going back in time to recap the public cloud security incidents that changed the risk posture for security “from” the cloud and how it’s easy to .
Featured Experts This Week
Ashish Rajan - CISO, Trainer & Host of Cloud Security Podcast
1 - Capital One 🏦 Data Breach
Date: March 2019 (Link to disclosure report)
What Happened?:
A former AWS (Amazon Web Services) software engineer illegally accessed a vulnerable Capital One server that was accessible from the internet.
The Impact: Before this incident, the Shared Responsibility side of cloud was not given a lot of attention. This went from a LOW risk to a MEDIUM risk in most cloud risk matrix charts in many organizations. This meant a lot more importance was given to resources and training around cloud security for employees. Cloud Security Podcast was born a few months later. Talk about an origin story. 🙂
2 - Tesla 🚗 Cloud Breach by Crypto Miners
Date: December 2018 (Link to a related article1 on more examples, article2 on K8S vulnerability)

What Happened?:
The Kubernetes console of a Tesla application was left accessible from the internet with anonymous access (aka no password needed). The attackers installed crypto-mining software and went undetected for a long period.
The Impact: Kubernetes is considered complex, so it didn’t get a lot of attention initially, in spite of its usage increasing exponentially over the years, with its annual conference KubeCon growing its attendance each year. Today in 2025, the story is still similar: the overlap of cloud security people who know Kubernetes security, or the other way around, is small. Even in the cloud security classes we run on Cloud Security Bootcamp or the monthly technical workshops, Kubernetes continues to be a top ask.
There is a difference though: with AI now in the picture and most AI workloads being built in Kubernetes on cloud, the Kubernetes breaches at Tesla and Shopify are some of the examples used to highlight the importance of being prepared to secure Kubernetes workloads in organizations.
We will see more Kubernetes security in the coming years as the AI impact continues to grow.
3 - Uber 🚕 Data Breach
Date: 16 September 2022 (Link to a related article, another article)

What Happened?:
An employee’s VPN credentials were compromised via social engineering and then used to pivot into deeper parts of the intranet, including Google Cloud Storage, GCP, AWS and *.uberinternal, among other resources.
The Impact: Uber had already been in the firing line in 2016 for a massive data breach, and the attention in this particular incident also went to the 57 million customers' and drivers' data. In all of this, the part most cloud security folks picked up on was: oh wait, the attacker could access AWS and GCP. This was a total compromise of potentially their entire cloud footprint.
This shifted the focus of cloud security to cover identity, which was traditionally managed and looked after by the identity team; now the cloud team had more shared responsibility here.
Conclusion
There were many more breaches, but these perhaps left the most impact and continue to do so even today. Although, I am curious:
What was the first Cloud Security Breach you read/heard about?
Next week, we'll explore another critical aspect of cloud security. Stay tuned!
Thank you for continuing to subscribe, and welcome to the new members in this newsletter community 💙
Peace!