https://twitter.com/xxdesmus/status/1169284464830103552
Experts Comments
September 05, 2019
Glynk joins the growing list of organizations in 2019 that have left Elasticsearch servers unprotected, thus leaving sensitive information exposed and vulnerable to potential use and abuse by cyber criminals. The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses they used to access the app. Additionally, the exposed database was leaking raw production SQL statements, which could provide an attacker with enough information to map out the.....Read More
Glynk joins the growing list of organizations in 2019 that have left Elasticsearch servers unprotected, thus leaving sensitive information exposed and vulnerable to potential use and abuse by cyber criminals. The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses they used to access the app. Additionally, the exposed database was leaking raw production SQL statements, which could provide an attacker with enough information to map out the structure of Glynk’s database.
While the database has now been secured, the data it contained was potentially exposed for months, opening up opportunities for bad actors to discover the massive trove of data and launch sophisticated phishing or brute force campaigns. To honor the trust of app users and customers, and prevent companies from being subjected to significant fines and related costs, organizations must be diligent in ensuring their data is protected with proper security controls. Automated cloud security solutions can grant organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time, so that Elasticsearch databases and other assets never have the opportunity to be exposed, even temporarily. Read Less
Linkedin Message
@Chris DeRamus, VP of Technology Cloud Security Practice, provides expert commentary at @Information Security Buzz.
"The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/glynk-android-app-leak
Copy this message and share on your Linkedin profile. Thanks!
Facebook Message
@Chris DeRamus, VP of Technology Cloud Security Practice, provides expert commentary at @Information Security Buzz.
"The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/glynk-android-app-leak
Copy this message and share on your Facebook profile. Thanks!
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Peter Goldstein, CTO and Co-founder, provides expert commentary at @Information Security Buzz.
"This incident further highlights the need for companies to protect personal information...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/glynk-android-app-leak
Facebook Message
@Peter Goldstein, CTO and Co-founder, provides expert commentary at @Information Security Buzz.
"This incident further highlights the need for companies to protect personal information...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/glynk-android-app-leak