It was reported over the weekend that breaches occurred in five dating apps, leaking PI on more than 1 million users, attributed to misconfigurations of various servers: Amazon buckets, ElasticSearch, and MongoDB.
Experts Comments
July 07, 2020
ElasticSearch databases are probably the primary sources of data leaks, because of misconfigurations when set up. For example, the front end UI is often secured with authentication, but admins forget that the default port 9200 is also visible and accessible online, meaning that unprotected ElasticSearch databases can leak data via the backdoor. Having built the database, the developers probably forgot all about patching it, focusing on the front end’s ease-of-use to drive user engagement and.....Read More
Like(
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Casey Kraus, President of Cloud Security Management Provider, provides expert commentary at @Information Security Buzz.
"There is always a shared responsibility for security between the cloud provider and the company...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/personal-details-of-1m-dating-app-customers-leaked-security-expert-comments
Facebook Message
@Casey Kraus, President of Cloud Security Management Provider, provides expert commentary at @Information Security Buzz.
"There is always a shared responsibility for security between the cloud provider and the company...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/personal-details-of-1m-dating-app-customers-leaked-security-expert-comments