We analyze Yang et al.'s outsourcing scheme [IEEE TPDS, 2015, 3461-3470] for big data access control in the cloud, and remark that the scheme is awed because it brings the data owner a new challenge for protecting the session keys with more memory overhead. To the best of our knowledge, it is the first time to find such a shortcoming in outsourcing schemes.