A misconfigured cloud storage bucket (AWS S3, Google Cloud Storage, Azure Blob) set to public when it shouldn't be can expose every file inside it — user uploads, internal documents, backups — to anyone who finds or guesses the bucket name.
An S3, GCS, or Azure Blob storage bucket named after your domain, left with public read access, is a common and often accidental way to expose backups, user uploads, or internal files.
Every cloud storage bucket's public/private setting matches what it should actually be, and bucket listing is disabled unless deliberately public.
Fix it, then re-scan — the check confirms itself. No manual checkbox, the scan is the truth.
Run this check in H.I.V.E. →