Recently, an Israeli marketing firm has detected 49 million unique email addresses after misemploying authentication credentials for an Elasticsearch database, displaying more than 140 GB of data and contact details of the users from the U.S. and Europe. And not only that, even they were remaining in plain text on a weak and insecure web server
Thus, in a piece of hazily-worded information this week, Straffic.io, a confidentially-held digital marketing company, notified that the conflict was the outcome of a “security vulnerability” concerning one of its servers.
This is not the whole story, though, this incident proves that immense databases are yet at risk even when obtaining them needs authentication. The revealed data includes names, email addresses, phone numbers, physical addresses, and genders. Still, not all reports have those fields completed, as per a sample examined by Information Security Media Group.
Hence, the discovery of the exposure derived from a U.S.-based security expert who became frustrated after getting rejected marketing messages over SMS for more than a couple of years, and at last, he decided to study the matter. Well, the owner of the data is Straffic.io, which expresses itself as a “private performance marketing network.” As per its Facebook page, the corporation was established in June 2017.
Following this report, Straffic established a defect that did endure and quickly patched it, in addition to supporting our current security protocols. As for now, all systems are protected, and Straffic did not get any evidence of data misapplication or data loss.
However, they stated that they proceed to investigate and will report if they will find confirmation to the contrary. However, they are trying their very best to defend the security of their service and sincerely deplore such vulnerability has remained exposed to their service. Thus, it’s challenging to produce a protected system, as these things can happen again.
Here’s the official statement of Straffic, “Dear Straffic user, we would like to bring to your attention that we have been reported that a security vulnerability has been found on one of the servers we use to provide our services. Following this report, we confirmed a weakness did exist and promptly patched it, in addition to fortifying our existing security protocols. As of now, all systems are secure, and we did not find evidence of any data misuse or data loss.
Leaked Data
Basically, the Elasticsearch is a warehouse and querying platform that’s popular for managing log data and facilitating fast search features. Though, computer security researchers always find databases that have been configured inaccurately and left open on the internet outwardly authentication. But this is not what happened in Straffic.io’s, rather then Staffic’s Elasticsearch cluster was undoubtedly password protected. But the credentials were left in a plain-text file on a casual domain that is now offline.
Therefore, the credentials opened the database, which included two files containing people’s contact details, collectively amounting to more than 140 GB of data. Not only this, but it also included Laravel logs for one of Straffic.io’s applications. Laravel logs are designed for applications that are printed utilizing the Laravel framework.
However, apart from all these things, it’s also unclear how Straffic.io received so much personal contact data. But security experts have tended out that the transference or sale of personal data is responsible for this, as it simply increases the risks to users.
Therefore, Troy Hunt, a well-known data breach expert, and creator of the “Have I Been Pwned” site, has clearly stated that there are already many data aggregators now which simply makes it quite difficult for the people to identify which organizations have their data with them.
So, what do you think about this? Simply share all your views and thoughts in the comment section below.
