An unknown threat actor is abusing native AWS’s server-side encryption to remain hidden.

“This is a rare and potentially unprecedented case of a coordinated extortion campaign leveraging leaked AWS credentials to apply server-side encryption (SSE-C) on data stored in S3 buckets, without owner interaction or realization,” Bob Diachenko, a cybersecurity researcher and owner of SecurityDiscovery.com said.

Member when we didn’t move to the cloud because this might happen?