Information on 1.2 billion people uncovered in massive data leak
Four billion records on 1.2 billion people were found on an unsecured Elasticsearch server. Researchers Bob Diachenko of SecurityDiscovery and Vinny Troia of Data Viper found the four terabyte data trove amasses from four billion user accounts.
"A total count of unique people across all datasets reached more than 1.2 billion people, making this one of the largest data leaks from a single source organisation in history. The leaked data contained names, email addresses, phone numbers, LinkedIn and Facebook profile information," wrote Vinny Troia.
"What makes this data leak unique is that it contains data sets that appear to originate from two different data enrichment companies."
The discovered Elasticsearch server containing all of the information was unprotected and accessible via web browser at http://35.199.58.125:9200. No password or authentication of any kind was needed to access or download all of the data, wrote Troia.
That so much information can be concentrated in one place and moved around so easily is the blessing and the curse of the information age, commented Jonathan Knudsen, senior security strategist at Synopsys.
"It takes only one bad decision by one person to result in massive data exposure. Organisations worldwide should respond by finding out where they keep their data, how that data is being transferred, how long it is kept and why, and what protections are in place," he said.
The type of data exposed is not sensitive in nature, but it can be gold dust for an attacker, said Keith Geraghty, solutions architect at Edgescan.
"The data will allow for large scale phishing campaigns against users. The attack path will likely be the usual methods of delivery such as emails, profile impersonations and scam phone calls. Also we may see widespread brute force attempts made on applications which use email as the method of login," he warned.
Accidental exposure of data in the cloud continues to be one of the leading causes of data breaches, and it happens with cloud service providers and with all types of SaaS applications, said Ray Canzanese, threat research director at Netskope.
According to Canzanese, these generally stem from three underlying issues:
First, there are a lot of cloud apps out there. Understanding how to manage identity and access in all of the apps you use is very challenging, especially for the more complex ones.
Second, it is hard to know when you have made a mistake. Cloud apps don’t understand your intentions or whether you didn’t intend to share that internal report with the world, or that this port should have been exposed to a much smaller IP address range.
Third, cloud apps have largely placed access control in the hands of the user, which magnifies the first two challenges. Many users don’t understand how to manage identity and access in all of the apps your enterprise uses – both sanctioned and unsanctioned. Most organisations don’t have any controls in place to check to see whether they have made any mistakes, and often it takes just one person to make a mistake.
"The question is just how motivated and dedicated your adversary is. All they have to do is find the exposure. This is one of the key challenges that security vendors are working to solve today – how to make it easier to configure and audit access to prevent the mistakes that lead to data breaches," said Canzanese.
"Once again the People Data Labs breach is a win for the black market and underground crime syndicates, as a treasure trove of personal information is available to criminals," said Sam Curry, chief security officer at Cybereason.
"Over the years, hundreds of billions of online accounts have been exposed, meaning that personal information on every human on the face of the earth has been stolen 20x or more."
Latest Jobs
-
- Senior Penetration Tester - UK - Ability to achieve security clearance.
- United Kingdom
- To attract the right person
-
Senior Penetration tester, who has the ability to achieve security clearance. (Visa sponsorships NOT available - sorry) UK based - remote first - occasional travel. Red teaming experience desirable. The successful person needs to have a history of engaging directly with customers (consultancy experience) technical delivery of penetration tests AND report writing. Limited travel - company operates a remote first approach. Must be living in the UK. Not one of the usual names in the pen testing industry. Looking for someone highly technical but looking to grow and develop their skills. Apply here or Reach out to me on chris.holt@dclsearch.com or 07884666351 All details kept discreet
-
- Cloud Architect- German Speaker
- Hungary
- Upto €48000 per year + bonus + benefits
-
As a Senior Pre-Sales Solutions Architect, you will play a pivotal role in driving our sales success by translating complex technical solutions into compelling proposals that resonate with our clients. You will collaborate closely with our sales teams to understand customer needs, design tailored solutions, and negotiate successful deals. Responsibilities: Solution Design: Develop comprehensive technical solutions that align with customer business objectives and industry best practices. Proposal Development: Create compelling proposals, including requirements gathering questionnaires, presentation materials, and Statements of Work (SOWs). Customer Engagement: Build strong relationships with clients, understanding their technical, business, and commercial requirements. Collaboration: Work closely with sales teams, delivery teams, and third-party partners to ensure successful project execution. Pricing Strategy: Define and deliver pricing strategies that align with customer needs and company objectives. Requirements: Experience in technical pre-sales or sales support roles. Proven track record in designing and delivering successful customer solutions. Strong technical foundation in areas such as VMware, Azure, AWS, cloud computing, and data center technologies. Excellent understanding of sales principles, account management, and negotiation techniques. Ability to explain complex technical concepts clearly and concisely. Experience working in international teams and supporting clients across multiple regions. Fluency in German and English is essential. Benefits: Competitive salary and benefits package Opportunity to work on challenging and rewarding projects Collaborative and supportive work environment Potential for career growth and advancement Please note that this role is focused on supporting German clients, but will also involve global client support as needed.
-
- Solution Architect - OUTSIDE IR35 - Contract- SC / DV - London
- London
- OUTSIDE IR35
-
Solution Architect For a London based Contract This is an Outside IR35 project. MUST have a minimum of an ACTIVE - SC clearance and be willing to be put through DV clearance. 6 month rolling Immediate Experience delivering technical Security Architecture design / assurance of security design. Cross domain experience desirable HLD / LLD London commutable Immediately interviewing.
-
- Microsoft Sentinel Architect
- Netherlands
- discussed on applications
-
Microsoft Sentinel Architect We're seeking a talented and experienced Microsoft Sentinel Architect to be responsible for the design, deploy of a new Sentinel solution into an expanding Services business. As a key member of our team, you'll play a vital role in driving security operations and protecting clients' assets. Responsibilities: Solution Design:Develop comprehensive Microsoft Sentinel architectures aligned with our clients' specific needs and industry best practices. Deployment and Configuration:Oversee the deployment and configuration of Sentinel components, including data connectors, analytics rules, and playbooks. Integration:Integrate Sentinel with other security tools and platforms within our MSSP ecosystem. Tuning and Optimization:Continuously monitor and optimize Sentinel performance to ensure maximum effectiveness and efficiency. Training and Mentoring:Mentor junior team members and provide training on Sentinel technologies and best practices. Required Skills and Experience: Proven experience as a Microsoft Sentinel Architect with a deep understanding of its capabilities and limitations. Strong technical skills in Azure, security operations, and data analytics. Experience designing and implementing complex security solutions, into a services environment Knowledge of threat intelligence, incident response, and compliance frameworks. Excellent communication and problem-solving skills.