Misconfigured Elasticsearch servers leaked data of 57 million Americans

Cal Jeffrey

TS Evangelist
Staff member

One of the misconfigured servers contained records on 56,934,021 US citizens. The personal information that was leaked included first and last names, employers, job titles, email and street addresses, states, zip codes, phone numbers, and IP addresses.

A second database contained more of a “Yellow Pages” directory, listing primarily businesses. It contained more than 25 million entries. The exposed data included the name, company details, zip code, address, carrier route, latitude and longitude, census tract, phone number, web address, email, employee count, revenue numbers, NAICS codes, SIC codes, and more.

HackenProof was unable to determine the source of the leak, but an analysis of the data fields showed a structural resemblance to those used by Data & Leads, a data management company. Researchers reached out to the firm but received no response. However, shortly after emailing Data & Leads and pushing its report, the company's website went offline. As of this writing, the site is still unavailable.

Moreover, HackenProof reports that the databases are no longer exposed to the public. The servers were publically accessible for at least two weeks according to when Shodan first indexed them, but they could have been wide-open for even longer.

Without confirmation from the suspected company, HackenProof turned the recovered information over to data breech indexing site Have I Been Pwned (HIBP) in the interest of the public and responsible disclosure. Those concerned that they may have been exposed can perform a search on the HIBP website and take appropriate measures if necessary.

Permalink to story.

 
  • Like
Reactions: wiyosaya
S

senketsu

56.9 million persons info 'leaked'. The population of Canada is about 37 million, gives an idea of the scale
 
  • Like
Reactions: wiyosaya