More than five billion records were exposed after an Elasticsearch “data breach database” managed by a U.K.-based security firm and housing a trove of security incidents from the last seven years was left unprotected.
“Data was very well structured,” wrote security researcher Bob Diachenko, who discovered the Elasticsearch instance, of the information, which included hashtypes, leak dates, passwords, email addresses, email domains and leak sources.
Diachenko said he was able to confirm some of the “prominent” leaks in the database, such as Adobe, Last.fm, Twitter, LinkedIn, Tumbler and VK.
Calling the leak potentially “one of the biggest to date – five billion records were exposed,” Anurag Kahol, CTO at Bitglass, pointed out that hackers, like security researchers, also “use tools designed to detect abusable misconfigurations within IT assets like ElasticSearch databases.” Bad actors seeking to appropriate data could have easily exploited the vulnerability, he said.
“The sensitive information exposed from [the UK. company's] Elasticsearch database is more than enough fodder for hackers to launch targeted phishing attacks, engage in account takeover fraud, or even make a profit by selling the data on the dark web,” said Chris DeRamus, CTO at DivvyCloud.