Comment: 5 Billion Records Exposed In Open ‘Data Breach Database’

By   ISBuzz Team
Writer , Information Security Buzz | Mar 23, 2020 03:32 am PST

Researcher Bob Diachenko has announced that he discovered an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by a UK-based security company, according to the  SSL certificate and reverse DNS records.  The irony of that discovery is that it was a ‘data breach database’, an enormously huge collection of previously reported (and, perhaps, non-reported) security incidents spanning 2012-2019 era.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
March 23, 2020 11:35 am

There is a certain irony is an exposed database of previously compromised data.

The fact that this data was previously compromised doesn’t mean this incident is meaningless. The sheer volume of these collections makes it a valuable target for criminals. Sometimes the data itself is made more valuable by the ease of access or aggregation.

It would be important to know for how long this data has been exposed, and of course, whether anyone has actually accessed it.

Last edited 3 years ago by Tim Erlin

Recent Posts

Would love your thoughts, please comment.x