Misconfigured Elasticsearch database exposes 762K Chinese car owners

Share This Post



Cybernews reports that information from 762 car owners in China has been exposed by a misconfigured Elasticsearch server hosted on a U.S.-based IP address for at least two days before being discovered last month.

Individuals’ full names, birthdates, phone numbers, ID numbers, email addresses, home addresses, vehicle identification numbers, car brands and models, engine numbers, and vehicle colors were leaked by the unsecured Elasticsearch instance, the ownership of which remains uncertain, according to Cybernews researchers. Such a compromise, which comes after vehicle details were reported by Cisco Talos researchers to be potentially leveraged in hacking user systems, was noted by researchers to potentially pose financial fraud, identity theft, and physical security risks to individuals whose data had been exposed. “This incident highlights the ongoing risks associated with the improper handling and securing of large datasets, particularly those containing sensitive PII. It underscores the need for stringent data protection measures and the importance of accountability in data management,” said researchers.



Source link

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Blogs

Mickey Mouse operation hacked by former employee

A disgruntled former Disney worker stands accused of illegally hacking the company’s systems and harassing its workers. Michael Scheuer, a former system administrator with the

Do You Want To Boost Your Business?

drop us a line and keep in touch