Not only was this S3 public for reading but sounds like you could create & update as well since 2018. It contained "50 gigabytes of files, including passports and driver licenses".
Per the Tech Crunch article:
> It’s not known for exactly how long the bucket was left exposed, but a text file left behind by an unnamed security researcher, dated September 2018, warned that the bucket was “not properly configured” which can have “dangerous security implications.”
An open S3 bucket is a huge red flag that this feels state manufactured. Most people aligned with this protest probably possess the technical chops to know to do better.
https://techcrunch.com/2022/02/08/ottawa-trucker-freedom-con...