The Polish high-quality measuring instruments maker left an open instance revealing internal communications, including passwords shared via employee conversations.
While guarding company documents is paramount, the protection of internal corporate communications is hardly different. Meanwhile, the Cybernews research team has discovered an open MongoDB instance with over 256 gigabytes of Rocket.Chat messages pertaining to Sonel.
Rocket.Chat is an open-source collaboration platform that uses MongoDB as its default storage database, sometimes leading to data-exposing misconfiguration accidents.
“The exposed data, including company secrets and passwords, could empower malicious actors to exploit confidential details, compromise organizational security, and potentially lead to unauthorized access to critical systems and resources,” researchers said.
Sonel fixed the issue after the team sent the company a responsible disclosure email. We contacted the company but did not receive an official comment before publishing.
According to the team, the exposed instance contained a trove of sensitive information such as Sonel employees’ chats and conversations, and corporate secrets and passwords shared via the messaging platform.
The likely reason behind the leak is server misconfiguration. The hosting provider’s firewall does not support IPv6 and ignores rules when connecting between its other account-independent servers.
Sonel, listed on the Warsaw Stock Exchange, is a “manufacturer of high-quality measuring instruments for power generation and telecommunications sectors.”
Worryingly, exposing Rocket.Chat messages is not uncommon. In January, Cybernews wrote about Miracle Software, an IT company that exposed over 11 million Rocket.Chat messages between 3,062 users.
“Incidents like these pinpoint the necessity to prevent unauthorized use of the leaked data and fortify system configurations to safeguard against future breaches,” researchers said.
More from Cybernews:
Subscribe to our newsletter