Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Expert discovered an Elasticsearch instance belonging to a security firm containing over 5 billion records of data leaked in previous incidents. The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. […]

security firm

Expert discovered an Elasticsearch instance belonging to a security firm containing over 5 billion records of data leaked in previous incidents.

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019.

“On March 16th I have found an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by a UK-based security company, according to the  SSL certificate and reverse DNS records.” wrote Security Discovery’s researcher Bob Diachenko. “The irony of that discovery is that it was a ‘data breach database’, an enormously huge collection of previously reported (and, perhaps, non-reported) security incidents spanning 2012-2019 era.”

The huge trove of data is composed of two collections, one containing 5,088,635,374 records, and the second one that was being updated in real-time has over 15 million records.

Exposed data include hashtype, leak year, password (hashed, encrypted or plaintext, depending on the leak), email, email domain, and source of the leak (i.e. Adobe, Last.fm, Twitter, LinkedIn, Tumblr, VK and others).

Most of the data come from previously known sources, it could expose affected people to scams and phishing campaigns.

The expert discovered the unprotected Elasticsearch cluster on March 16, it was indexed by the BinaryEdge search engine on March 15. At the time it’s not clear for how long the database remained exposed online and of it was accessed by third-parties.

Diachenko reported its discovery to the security firm that quickly took the Elesticsearch installation offline.

The security firm that exposed the archive revealed that the database was exposed while its supplier was moving the index to a different Elasticsearch server. The firewall was temporarily disabled for roughly 10 minutes during the migration, which allowed the search engine to index the database.

“Our extensive cybersecurity knowledge lends itself well to searching for and analyzing data leaks. Our due diligence demands that we make every attempt to identify who is responsible and notify them as quickly as possible.” concludes the expert.

“Our hope is to minimize harm to end users whose data .”

NOTE: Company’s data and customer records were not exposed, incident involved only previously reported data breaches collections.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Security firm, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]