More than 16 terabytes of professional and corporate intelligence data, including personally identifiable information (PII), was sitting in an unprotected database, available to anyone who knew where to look.
This is according to cybersecurity researchers at Cybernews who found the database and described it as “one of the largest lead-generation datasets to have ever leaked.” Despite the risks and the disruptive potential, unprotected databases remain one of the most common causes of data leaks. In this instance, the researchers found a MongoDB database with almost 4.3 billion documents.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Virgin Media breach ‘linked customers to porn’
March 6, 2020
A customer database left unsecured online by Virgin Media contained details linking some customers to pornography and explicit websites. The researchers who first discovered the database told the BBC that it contained more information than Virgin Media suggested. Such details could be used by cyber-criminals to extort victims. Read more… Source: BBC News
- Brazilian security firm leaks more than 25 GB of client and staff data
March 6, 2020
A configuration failure on a server belonging to Orsegups Participações, a large Brazil-based holding company that controls seven businesses active in the property security sector, exposed a series of tax documents revealing clients’ contract values and staff information. The leak, investigated by ZDNet in partnership with Brazilian cybersecurity news website The Hack, has compromised more than 25 GB ...
- 267M Facebook Users’ Phone Numbers Exposed Online
December 19, 2019
A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed. Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it belongs to a cybercriminal organization, as opposed to Facebook. Diachenko went to ...
- Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak
November 25, 2019
An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet. First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes of data. It consists of scraped information from social media sources like Facebook and LinkedIn, combined with names, ...
- Open database leaked 179GB in customer, US government, and military records
October 21, 2019
An open database exposing records containing the sensitive data of hotel customers as well as US military personnel and officials has been disclosed by researchers. On Monday, vpnMentor’s cybersecurity team, led by Noam Rotem and Ran Locar, said the database belonged to Autoclerk, a service owned by Best Western Hotels and Resorts group. Autoclerk is a reservations management system used ...
- Equifax failed to take even the most basic precautions, alleges lawsuit
October 21, 2019
A lawsuit on the 2017 data breach allege that Equifax staffers used the default – ‘admin’ – as the username and password to secure customer information portal How would you secure a portal containing valuable, personal finance information of 148 million accounts of customers spread across the US, Canada and the UK? Equifax employees chose default and ...