Tag
An attacker may create an AWS DataSync task to exfiltrate data from a private AWS location to a public one, leading to data compromise, detected by monitoring AWS CloudTrail logs for the `CreateTask` event from the DataSync service.