https://twitter.com/xxdesmus/status/1169284464830103552

Subscribe
Notify of
guest
2 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Chris DeRamus
Chris DeRamus , VP of Technology Cloud Security Practice
InfoSec Expert
September 5, 2019 3:22 pm

Glynk joins the growing list of organizations in 2019 that have left Elasticsearch servers unprotected, thus leaving sensitive information exposed and vulnerable to potential use and abuse by cyber criminals. The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses they used to access the app. Additionally, the exposed database was leaking raw production SQL statements, which could provide an attacker with enough information to map out the structure of Glynk’s database.

While the database has now been secured, the data it contained was potentially exposed for months, opening up opportunities for bad actors to discover the massive trove of data and launch sophisticated phishing or brute force campaigns. To honor the trust of app users and customers, and prevent companies from being subjected to significant fines and related costs, organizations must be diligent in ensuring their data is protected with proper security controls. Automated cloud security solutions can grant organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time, so that Elasticsearch databases and other assets never have the opportunity to be exposed, even temporarily.

Last edited 3 years ago by Chris DeRamus
Peter Goldstein
Peter Goldstein , CTO and Co-founder
InfoSec Expert
September 5, 2019 3:19 pm

Up to a million people are at an increased risk of phishing attacks thanks to Glynk’s leak of 2.2 billion rows of data, which exposed usernames and email addresses as well as the IP addresses from which users accessed the Android app. Modern phishing attackers use data like this, in combination with shockingly effective impersonations of people and brands trusted by their targets, leading to account takeover, identity theft and other scams. This incident further highlights the need for companies to protect personal information — including email addresses — to prevent cyber criminals from gaining their next victim.

Last edited 3 years ago by Peter Goldstein
2
0
Would love your thoughts, please comment.x
()
x