Sonel’s secrets spilled over leaked internal chat


The Polish high-quality measuring instruments maker left an open instance revealing internal communications, including passwords shared via employee conversations.

While guarding company documents is paramount, the protection of internal corporate communications is hardly different. Meanwhile, the Cybernews research team has discovered an open MongoDB instance with over 256 gigabytes of Rocket.Chat messages pertaining to Sonel.

Rocket.Chat is an open-source collaboration platform that uses MongoDB as its default storage database, sometimes leading to data-exposing misconfiguration accidents.

“The exposed data, including company secrets and passwords, could empower malicious actors to exploit confidential details, compromise organizational security, and potentially lead to unauthorized access to critical systems and resources,” researchers said.

Sonel fixed the issue after the team sent the company a responsible disclosure email. We contacted the company but did not receive an official comment before publishing.

According to the team, the exposed instance contained a trove of sensitive information such as Sonel employees’ chats and conversations, and corporate secrets and passwords shared via the messaging platform.

The likely reason behind the leak is server misconfiguration. The hosting provider’s firewall does not support IPv6 and ignores rules when connecting between its other account-independent servers.

Sonel, listed on the Warsaw Stock Exchange, is a “manufacturer of high-quality measuring instruments for power generation and telecommunications sectors.”

Worryingly, exposing Rocket.Chat messages is not uncommon. In January, Cybernews wrote about Miracle Software, an IT company that exposed over 11 million Rocket.Chat messages between 3,062 users.

“Incidents like these pinpoint the necessity to prevent unauthorized use of the leaked data and fortify system configurations to safeguard against future breaches,” researchers said.


More from Cybernews:

Two million affected as learning app suffers data leak

Apple Vision Pro users: AR pioneers or glassholes 2.0

AI helps decipher 2000-year-old Herculaneum papyri

YouTube CEO: content creators are like Hollywood studios now

Author mints cryptocurrency based on own novel

​​Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked