Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

257K Legal Documents Leaked By Unprotected Elasticsearch Server

Dataleak

An unprotected 4.7 GB Elasticsearch cluster found on a US-based Amazon AWS server exposed257,287 sensitive legal documents that came with a "not designated for publication" label.

Security researcher Bob Diachenkowho discovered the passwordless Elasticsearchserver told BleepingComputer that he "analyzed 250-sampled extract, docs are compiled based on 'type' (which is 'opinion'). Cases are from the 2002-2010 era, from all over the United States."

The exposed database of legal documents was uncovered as part of a greaterscale initiative designed to discover misconfigurednoSql databases (i.e.,MongoDB, CouchDB, Elasticsearch) and report the findings to the organizations responsible to secure them.

The organization behind the leak is not yet known

In the beginning, Diachenko thought that the unprotected Elasticsearch cluster was managed byLex Machinabut he did not get a response from them after his initial report:

"After initial investigation we assumed that data is managed by...(continued)

View All Trending Stories