AWS is discontinuing its SSE-C encryption for S3, a feature that allowed users to manage their own encryption keys. While not widely adopted, it was exploited in a ransomware scheme, prompting the decision to remove it. The article outlines alternatives like KMS and client-side encryption.

A significant ransomware campaign has exploited over 1,200 unique AWS access keys to encrypt files in S3 storage buckets, leaving ransom notes demanding payment in Bitcoin. The attackers are using AWS's own encryption features to hide their activities, making it difficult for victims to detect breaches or recover their data.