Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Gearbest Misconfiguration Exposes 1.5M Records


News brokethatGearbest, a Chinese online shopping giant, exposed 1.5 million records on an Elasticsearch server that was not protected with a password, allowing anyone to search the database. The exposed information includes names, addresses, phone numbers, email addresses, customer orders, products purchased, and in some cases, passport numbers and other national ID data.Gearbestranks as one of the top 250 global websites, and serves top brands, including Asus, Huawei, Intel and Lenovo.

The researcher that discovered the exposed Elasticsearch server also found a separate exposed web-based database management system on the same IP address, allowing anyone to manipulate or disrupt the databases run byGearbest’sparent company,Globalegrow.Gearbesthas a large presence in Europe, with warehouses in Spain, Poland, and Czech Republic, and the U.K., where EU data protection and privacy laws apply. This is the second security issue atGearbestin as many years. In December 2017, the...(continued)

View All Trending Stories