Skip to content
  • +1 601-907-4240
  • [email protected]
Logo
  • Services
  • Blog
  • Contact
  • About Us
Personal Details and IDs of Millions of Indian Families Exposed As A Result of Security Incident

Personal Details and IDs of Millions of Indian Families Exposed As A Result of Security Incident

On May 23rd, another Elasticsearch misconfiguration incident has led to the exposure of the personal details and Aadhar number for  […]

0
PADI Certified Divers Records Exposed in a Misconfiguration Incident

PADI Certified Divers Records Exposed in a Misconfiguration Incident

On May 6th I have identified an open and unprotected Elasticsearch server that appeared to contain registration details for US-based […]

0
Energy Company in Poland Exposed Data of its Customers

Energy Company in Poland Exposed Data of its Customers

On April 16th I have discovered an unprotected and publicly indexed Elasticsearch cluster that contained 3,376,912 records with personally identifiable […]

0
SMS Spam Operation Rebrands, Continues to Leak Customer Information

SMS Spam Operation Rebrands, Continues to Leak Customer Information

Earlier this year, I discovered that SMS marketing firm, Rocket Text (rocket-text.com), failed to secure its Mongo database exposing just […]

0
A UK-based Security Company Seemed To Have Inadvertently Exposed Its ‘Leaks Database’ with 5B+ Records

A UK-based Security Company Seemed To Have Inadvertently Exposed Its ‘Leaks Database’ with 5B+ Records

On March 16th I have found an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by […]

0
US non-profit for international study exposes private documents of thousands of students: report

US non-profit for international study exposes private documents of thousands of students: report

The Institute of International Education (IIE), a US nonprofit that focuses on foreign exchange study and scholarship, exposed a database […]

0
Honda Exposes Vehicle Owner Records on the Web

Honda Exposes Vehicle Owner Records on the Web

On December 11th, 2019, I have identified an open and unprotected Elasticsearch cluster with 976 millions of records which appeared […]

0
Whirlpool Exposed Database with Home Appliances Scan Results

Whirlpool Exposed Database with Home Appliances Scan Results

On October 1st, I have found a rather unusual web interface of Heartbeat monitoring service. The open and publicly available […]

0
Large Italian Online Shop Exposed Customers Details

Large Italian Online Shop Exposed Customers Details

On Sept 4th I have identified an open and unprotected Elasticsearch cluster containing sensitive details of customers of Calcioshop.it, popular […]

0
Mexican Online Bookstore Exposed Data – Again

Mexican Online Bookstore Exposed Data – Again

On September 9th, I have discovered three (3) open and unprotected MongoDB instances which appeared to be part of Librería Porrúa, […]

0
Banking Trojan Database Exposed – Millions of Users At Risk

Banking Trojan Database Exposed – Millions of Users At Risk

On July 5th I discovered two (!) open and publicly accessible MongoDB instances which appeared to be part of the […]

0
Bold.com Exposed Its Internal Infrastructure

Bold.com Exposed Its Internal Infrastructure

Bold.com, company behind popular solutions to help jobseekers find jobs, and help businesses find candidates – LiveCareer, Resume-Now, my Perfect Resume, Mighty […]

0
Gartner’s Legacy System Exposed Online

Gartner’s Legacy System Exposed Online

On August 14th I have sent a responsible disclosure notice to Gartner, the world’s leading information technology research and advisory company, […]

0
Home and Family Job Search Engine Exposed Its Database

Home and Family Job Search Engine Exposed Its Database

FamilaFacil, a Madrid-based home and family job search platform, has exposed its MongoDB database with details on their users and […]

0
Microfinance Agency Exposed Thousands of Customer Records

Microfinance Agency Exposed Thousands of Customer Records

In another Elasticsearch misconfiguration incident Credia.ge, a Tbilisi-based (Georgia) agency, exposed personal and loan information for thousands of its customers. […]

0
Sex Sells! Spanish Chain of “Men’s Clubs” Exposed Its Database

Sex Sells! Spanish Chain of “Men’s Clubs” Exposed Its Database

On August 4th I discovered an open and unprotected MongoDB database which appeared to be part of a Spanish company […]

0
Even randomized dummy data should be protected

Even randomized dummy data should be protected

A database belonging to online voting system provider Everyone Counts has been exposed, leaving what appears to be “randomized and […]

0
GE Aviation exposed internal configs via open Jenkins instance

GE Aviation exposed internal configs via open Jenkins instance

Back in June I decided to check how many open Jenkins instances are available for search and did additional parsing […]

0
The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records

The University of Chicago Medicine Exposed ‘Perspective Givers’ Database With More Than A Million of Records

Elasticsearch misconfigurations and related data incidents have became top news recently, even after Elastic introduced free security packs for all […]

0
London-based Marketplace Accidentally Exposed Personal Details of its Customers

London-based Marketplace Accidentally Exposed Personal Details of its Customers

In another MongoDB-related misconfiguration incident, a UK-based company exposed personal and payment data of several hundreds of its customers. On […]

0

Posts navigation

1 2 3 »
  • Services
  • Blog
  • Contact
  • Found a vulnerabiltiy? Contact [email protected]

Copyright ©2023 Security Discovery. All rights reserved.