1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Misconfigured Elasticsearch servers leaked data of 57 million Americans

By Cal Jeffrey
Nov 29, 2018
Post New Reply
  1. One of the misconfigured servers contained records on 56,934,021 US citizens. The personal information that was leaked included first and last names, employers, job titles, email and street addresses, states, zip codes, phone numbers, and IP addresses.

    A second database contained more of a “Yellow Pages” directory, listing primarily businesses. It contained more than 25 million entries. The exposed data included the name, company details, zip code, address, carrier route, latitude and longitude, census tract, phone number, web address, email, employee count, revenue numbers, NAICS codes, SIC codes, and more.

    HackenProof was unable to determine the source of the leak, but an analysis of the data fields showed a structural resemblance to those used by Data & Leads, a data management company. Researchers reached out to the firm but received no response. However, shortly after emailing Data & Leads and pushing its report, the company's website went offline. As of this writing, the site is still unavailable.

    Moreover, HackenProof reports that the databases are no longer exposed to the public. The servers were publically accessible for at least two weeks according to when Shodan first indexed them, but they could have been wide-open for even longer.

    Without confirmation from the suspected company, HackenProof turned the recovered information over to data breech indexing site Have I Been Pwned (HIBP) in the interest of the public and responsible disclosure. Those concerned that they may have been exposed can perform a search on the HIBP website and take appropriate measures if necessary.

    Permalink to story.

     
    wiyosaya likes this.
  2. trparky

    trparky TS Evangelist Posts: 512   +404

    Yeah...
    picard-riker-facepalm.
     
  3. 56.9 million persons info 'leaked'. The population of Canada is about 37 million, gives an idea of the scale
     
    wiyosaya likes this.
  4. wiyosaya

    wiyosaya TS Evangelist Posts: 3,823   +2,173

    Cal Jeffrey likes this.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...