Security News > 2020 > March > Unprotected Database Exposed 5 Billion Previously Leaked Records
An Elasticsearch instance containing over 5 billion records of data leaked in previous cybersecurity incidents was found exposed to anyone with an Internet connection, Security Discovery reports.
Most of the data, Diachenko says, appears to have been collected from previously known sources, but unrestricted access to such a collection would still represent a boon for cybercriminals, providing them with a great resource for phishing and identity theft.
Responding to a SecurityWeek inquiry, Keepnet Labs confirmed that the database only contained publicly available data that can also be accessed through various online services.
"There is a certain irony is an exposed database of previously compromised data. The fact that this data was previously compromised doesn't mean this incident is meaningless. The sheer volume of this collections makes it a valuable target for criminals. Sometimes the data itself is made more valuable by the ease of access or aggregation. It would be important to know for how long this data has been exposed, and of course, whether anyone has actually accessed it," Tim Erlin, VP of product management and strategy at Tripwire, told SecurityWeek in an emailed comment.
"While the data exposed in this incident appears to be collected from previously known sources, the fact that it was all readily available, indexed, and publicly exposed makes it a big concern. Criminals can use the data contained to formulate attacks against organisations, and in particular use the information for spear-phishing attacks," Javvad Malik, security awareness advocate at KnowBe4, commented.