UK-Based Security Company Exposes Database Containing More than 5 Billion Records
Security researcher Bob Diachenko has found an unprotected and publicly available Elasticsearch database, which appears to be managed by a UK-based security company, according to the SSL certificate and reverse DNS records.
According to Diachenko, the irony of that discovery is that it was a ‘data breach database’, an enormously huge collection of previously reported (and, perhaps, non-reported) security incidents spanning 2012-2019 era. The Elasticsearch cluster in question had two collections, says Diachenko.