Articles by Bob Diachenko
PADI Certified Divers Records Exposed in a Misconfiguration Incident
Energy Company in Poland Exposed Data of its Customers
SMS Spam Operation Rebrands, Continues to Leak Customer Information
A UK-based Security Company Seemed To Have Inadvertently Exposed Its ‘Leaks Database’ with 5B+ Records
US non-profit for international study exposes private documents of thousands of students: report
Honda Exposes Vehicle Owner Records on the Web
Whirlpool Exposed Database with Home Appliances Scan Results
Large Italian Online Shop Exposed Customers Details
On Sept 4th I have identified an open and unprotected Elasticsearch cluster containing sensitive details of customers of Calcioshop.it, popular online shop in Italy for football accessories. Database contained 408,995 records with information about Calcioshop customer…
Mexican Online Bookstore Exposed Data – Again
Banking Trojan Database Exposed – Millions of Users At Risk
Bold.com Exposed Its Internal Infrastructure
Bold.com, company behind popular solutions to help jobseekers find jobs, and help businesses find candidates – LiveCareer, Resume-Now, my Perfect Resume, Mighty Recruiter – inadvertently exposed part of its internal infrastructure used for project tracking and project…
Gartner’s Legacy System Exposed Online
Home and Family Job Search Engine Exposed Its Database
Microfinance Agency Exposed Thousands of Customer Records
In another Elasticsearch misconfiguration incident Credia.ge, a Tbilisi-based (Georgia) agency, exposed personal and loan information for thousands of its customers. I have identified the publicly available Elasticsearch cluster on August 3rd, however, according to Shodan…