Comment: 5 Billion Records Exposed In Open ‘Data Breach Database’

Researcher Bob Diachenko has announced that he discovered an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by a UK-based security company, according to the  SSL certificate and reverse DNS records.  The irony of that discovery is that it was a ‘data breach database’, an enormously huge collection of previously reported (and, perhaps, non-reported) security incidents spanning 2012-2019 era.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Tim Erlin
Tim Erlin , VP of Product Management and Strategy
InfoSec Expert
March 23, 2020 11:35 am

There is a certain irony is an exposed database of previously compromised data.

The fact that this data was previously compromised doesn’t mean this incident is meaningless. The sheer volume of these collections makes it a valuable target for criminals. Sometimes the data itself is made more valuable by the ease of access or aggregation.

It would be important to know for how long this data has been exposed, and of course, whether anyone has actually accessed it.

Last edited 2 years ago by Tim Erlin
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x