On April 1st Bob Diachenko discovered a non-password protected Elastic database that appeared to contain millions of records detailing golf games, courses, messages, and other player data. Upon further investigation there were many references to GAME GOLF inside the database. San Fransisco based GA...
On May 10th I identified a massive bulk of data sitting in an unprotected and publicly available Elasticsearch cluster (hence visible in any browser). This database contained 3,427,396 records with detailed information on Panamanian citizens (labeled as ‘patients‘), plus 468,086 records ...
Kool King Shop, (https://www.koolkingshop.fr/), a French-only online shop for kids who purchased Burger King’s menus, had customers data exposed in a misconfigured database. An open and unprotected Elasticsearch cluster with plain-text data was left unattended at least since April 24, 2019, ac...
On April 18th, during our regular security audit of nonSql databases with BinaryEdge search engine, I have discovered an open and publicly available MongoDB instance which contained astonishingly sensitive information on Iranian drivers. Information was structured to include the following data field...