elasticsearch






Gartner’s Legacy System Exposed Online

On August 14th I have sent a responsible disclosure notice to Gartner, the world’s leading information technology research and advisory company, alerting them on a misconfigured Elasticsearch cluster with 1TB+ of data. According to Shodan and…

Like this story? Please share it!









Golf App Exposes 218k Users’ Data Online

On April 1st Bob Diachenko discovered a non-password protected Elastic database that appeared to contain millions of records detailing golf games, courses, messages, and other player data. Upon further investigation there were many references to GAME…

Like this story? Please share it!

Panama Citizens Massive Data Breach

On May 10th I identified a massive bulk of data sitting in an unprotected and publicly available Elasticsearch cluster (hence visible in any browser). This database contained 3,427,396 records with detailed information on Panamanian citizens…

Like this story? Please share it!

Burger King’s Online Shop for Kids Exposed Data

Kool King Shop, (https://www.koolkingshop.fr/), a French-only online shop for kids who purchased Burger King’s menus, had customers data exposed in a misconfigured database. An open and unprotected Elasticsearch cluster with plain-text data was left unattended…

Like this story? Please share it!