An Elasticsearch server left connected to the internet without a password, or firewall protection, has leaked what appears to be personal records and patient information for roughly 85 percent of Panama’s citizens.
The leaky server was found online last week by Bob Diachenko, founder and security researcher with Security Discovery.
The Elasticsearch server, a technology used to power fast search systems, contained 3,427,396 user records labeled as patient data. The data was valid, in ZDNet’s assertion.
Judging that Panama’s last census listed the country having a population of 4,034,119 citizens, it appears that personal records for 84.96% of all Panamanians was exposed online during this server mishap.
Read more…
Source: ZDNet