Didn't read the article, curious how you steal 900GB of data, what kind of internet speed do you have? No one noticed this much data being pulled? I don't personally track my server's bandwidth usage. Guess it's time to read.
I could download that in about 3 hours at home with fiber internet, not that big of a window.
At work we use google cloud storage, so if someone had gained access and were downloading stuff we would have absolutely no idea, no without already setup alerts.
I have Google Fiber but on the lower end the 50/50 plan.
Yeah it just seemed like a lot of data to me. Especially if they are just text files not images/videos. Depending on database I don't know. I recently backed up a MYSQL database and it was only in the 10's of MB's with several tables some with over 45,000 rows.
That is something to look into bandwidth monitoring.
It's not hard to get an anonymous server with a good downlink (you can also distribute it across many machines). What make things complicated is that you must assume that there are admins on the victims side and you don't want to get noticed. I guess the attackers either inspect the network to assess them, or they just start slow and if nobody notices the upstream for days or even weeks, they can crank up the speed.
Cellebrite's sysadmins didn't do their job, that's for sure.
At work we use google cloud storage, so if someone had gained access and were downloading stuff we would have absolutely no idea, no without already setup alerts.