Data Breach


Document Management Company Left Credit Reports Online

On January 10th, I identified an unprotected Elasticsearch cluster which contained 51 GB of what appeared to be OCR (Optical character recognition) credit and mortgages reports, with total number of records in the database more…

Like this story? Please share it!

The World’s Largest Youth-Run Organization Had a Data Breach

On January 11th, Bob Diachenko of SecurityDiscovery.com, identified another unprotected Elasticsearch instance which contained millions of records – this time related to AIESEC, “the world’s largest youth-run organization. According to Wikipedia the AIESEC network has…

Like this story? Please share it!


The Howard Hughes Corporation Leaks Database Passwords

Researchers from SecurityDiscovery.com have found a security flaw in an Apache Airflow instance which allows anybody with an internet connection to view database credentials. It appears that the instance belongs to the Howard Hughes Corporation….

Like this story? Please share it!