Major cloud security incidents and provider responses (2009–2021)

  1. Amazon S3 outage raises reliability concerns

    Labels: Amazon S3, Data center

    Amazon’s Simple Storage Service (S3) suffered a notable outage when one of its data centers became unreachable, disrupting websites that relied on S3 for storage. Customer complaints highlighted the need for clearer service status communication and incident transparency. The event helped push major cloud providers toward more formal public status pages and post-incident explanations.

  2. Google Docs sharing bug exposes documents

    Labels: Google Docs, Sharing bug

    Google disclosed and fixed a bug that could have caused some Google Docs users to share documents without meaning to. The issue was triggered by changing sharing permissions on multiple documents at once and could reveal documents to previous collaborators. Google said it affected less than 0.05% of documents and reset sharing as a precaution.

  3. Sony PlayStation Network intrusion and shutdown

    Labels: Sony PlayStation, Account data

    Sony shut down PlayStation Network services after an external intrusion led to a large-scale account data compromise. Public reporting and Sony statements warned that personal information for about 77 million accounts may have been exposed, and the outage lasted for weeks. The incident became a widely cited example of how service availability and privacy can fail together in large online platforms.

  4. AWS US-East-1 EBS outage disrupts major sites

    Labels: AWS EBS, US-East-1

    A network change in one AWS availability zone triggered failures in Amazon Elastic Block Store (EBS), which then caused broader service disruption in the US-East region. The incident affected many customer applications that depended on EBS-backed EC2 instances and multi-zone control components. AWS published a detailed post-event explanation, and customers increased focus on multi-availability-zone design and recovery testing.

  5. Dropbox authentication bug makes passwords optional

    Labels: Dropbox, Authentication bug

    Dropbox reported that a code update introduced an authentication bug that allowed some accounts to be accessed without the correct password for about four hours. Dropbox ended active sessions and investigated whether any accounts were improperly accessed. The incident showed how a single software change in a cloud service can quickly become a broad security risk.

  6. iCloud account attacks lead to celebrity photo leak

    Labels: iCloud, Celebrity accounts

    Private photos were stolen from some iCloud accounts and widely published, prompting Apple to say victims were targeted through usernames, passwords, and security questions rather than a single flaw in iCloud itself. The incident increased public attention on account security for cloud-backed photo syncing. It also reinforced the value of stronger login protection (such as two-factor authentication) for cloud accounts.

  7. Cloudflare “Cloudbleed” memory leak disclosed

    Labels: Cloudflare, Cloudbleed

    Google Project Zero disclosed a serious bug in Cloudflare’s edge infrastructure that could leak sensitive data from process memory, including cookies and authentication tokens. Cloudflare said it disabled the affected features and deployed fixes quickly, then worked with search engines to purge cached leaked content. The event highlighted how shared cloud and CDN layers can amplify the impact of a single software flaw.

  8. AWS S3 US-East-1 outage caused by human error

    Labels: AWS S3, Human error

    A major AWS S3 outage in the US-East-1 region disrupted many websites and apps that depended on S3 and related AWS services. AWS attributed the incident to an incorrect command during maintenance, which removed more servers than intended and affected key subsystems. The outage became a turning point in discussions about operational safeguards, dependency mapping, and designing for regional failures.

  9. Tesla cloud environment abused for cryptomining

    Labels: Tesla, Cloud environment

    Researchers reported that attackers gained access to part of Tesla’s cloud environment and ran cryptocurrency mining software. Tesla said the issue was addressed within hours and that it found no indication customer data or vehicle safety was compromised. The incident illustrated how exposed cloud management interfaces and credentials can be leveraged even without a traditional data theft.

  10. Google+ API bug disclosed; consumer shutdown planned

    Labels: Google API, Third-party apps

    Google disclosed a Google+ API bug that could expose private profile data to third-party apps and announced plans to shut down the consumer version of Google+. Reporting indicated Google discovered the issue months earlier, raising questions about breach notification and transparency. The case showed how cloud-connected developer APIs can unintentionally expand privacy exposure.

  11. Capital One fixes AWS-hosted firewall misconfiguration

    Labels: Capital One, Firewall misconfiguration

    Capital One said an attacker exploited a configuration vulnerability in its infrastructure, enabling unauthorized access to certain customer and applicant data stored in its cloud environment. The company stated it immediately addressed the configuration issue and increased continuous scanning to detect similar problems. This incident became a key example of the shared responsibility model: the cloud provider’s platform may function as designed, while customer configuration errors create risk.

  12. SolarWinds supply-chain attack drives cloud email scrutiny

    Labels: SolarWinds, Supply-chain

    After malicious code was inserted into SolarWinds software updates, investigators reported widespread compromise across government and private networks. Public reporting noted that attackers used cloud-based email and identity systems in the intrusion chain, increasing attention on protecting cloud tenants and monitoring privileged access. The incident helped accelerate new guidance and security baselines for cloud identity, logging, and vendor risk management.

  13. Microsoft issues emergency patches for Exchange attacks

    Labels: Microsoft Exchange, Emergency patch

    Microsoft released out-of-band security updates for on-premises Exchange Server vulnerabilities being used in active attacks and urged organizations to patch immediately. Microsoft also provided mitigation guidance and tools for defenders to reduce exposure and check for compromise. While Exchange Online was not affected, the incident showed how hybrid cloud deployments can still be heavily impacted by on-premises vulnerabilities.

  14. ChaosDB Cosmos DB flaw prompts credential resets

    Labels: Azure Cosmos, ChaosDB

    Security authorities reported on a Cosmos DB vulnerability (nicknamed “ChaosDB”) tied to the Jupyter Notebook feature, which could allow attackers to obtain database credentials and access Azure-hosted data. Guidance emphasized that cloud customers should review exposure and rotate keys where applicable, while Microsoft warned customers about potential risk. The incident underscored that managed cloud services can still create broad security impact when a default-enabled feature has a design flaw.

Last Updated: Jan 1, 1980