
An exposed instance with an unknown owner has revealed copious amounts of records from multiple Middle Eastern nations.
Basic due diligence can sometimes prevent major problems, such as leaking huge amounts of personal records. For example, the Cybernews research team has uncovered an exposed Elasticsearch instance housing a whopping 440 million records.
Elasticsearch is a tool for data analytics and search in near real-time, often utilized by organizations dealing with large data flows.
According to our researchers, the unprotected instance contains information from several countries: Saudi Arabia, Oman, the UAE, Egypt, Kuwait, Pakistan, Iraq, Syria, Lebanon, and others.
“Exposing sensitive personal data from several countries creates a significant risk of identity theft, phishing, and other forms of exploitation. Leaks’ international scope adds complexity to the response, as individuals across multiple regions are at risk,” the researchers said.
Meanwhile, the leaked details include:
- Phone numbers
- National identifiers
- Country codes
- Time stamps for data creation
- Other personally identifiable information (PII)
What’s worse, it’s unclear who owns the data, which could suggest that malicious actors are compiling a database that could be used for attacks in the future.
It’s likely that somebody simply misconfigured the instance, leaving it exposed. The team traced digital breadcrumbs to an iOS-focused app developer from the Middle East.
However, multiple attempts to reach the individual were unsuccessful, and the exposed instance has remained open to anyone on the web for months.
Meanwhile, malicious actors could utilize the leaked information for targeted social engineering attacks. For one, attackers can exploit national identifiers, phone numbers, and other information to fuel phishing scams that could result in victims downloading malware.
Since some of the leaked data comes from nations with complex geopolitical landscapes, state-sponsored actors could also utilize it to target hand-picked individuals and track their online activity.
- Leak discovered: October 23rd, 2024
- Initial disclosure: November 4th, 2024