More than 3.8 billion records exposed in DarkBeam data leak

7 months ago AndyC

More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected.

More than 3.8 billion records exposed in DarkBeam data leak

More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected. 
The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability and closed the leak after being alerted to the fact.

DarkBeam had been collecting the data to alert its customers in the case of a data breach, meaning the data exposed was data already leaked in prior cyber attacks. Of the data leaked, there were 16 collections named ‘email 0-9′ and ‘email A-F’ which represented 239,635,000 pairs of login credentials.

A sample of the leaked data. Source: SecurityDiscovery.

The data leak was caused by leaving a Elasticsearch and Kibana data visualization interface unportected, allowing access to the confidential data held within it. Speaking to cyber security site Cybernews about the data leak, Dianchenko noted that data leaks like this are usually down to “human error”, for example employees forgetting to password-protect data after maintenance is done. 

DarkBeam has not yet publicly addressed the situation. 

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Building a robust cyber security workforce

Building a robust cyber security workforce

2 months ago AndyC
Leveraging automation for enhanced cyber security operations

Leveraging automation for enhanced cyber security operations

2 months ago AndyC
Cyber security – where toothbrushes, drones and gnomes collide

Cyber security – where toothbrushes, drones and gnomes collide

2 months ago AndyC
<div>Creating resilience & promoting strong mental health in cyber security teams</div>

Creating resilience & promoting strong mental health in cyber security teams

2 months ago AndyC
IOTW: Victoria Court recordings exposed in suspected ransomware attack

IOTW: Victoria Court recordings exposed in suspected ransomware attack

3 months ago AndyC
IOTW: Russia-linked cyber attack targets Ukraine’s biggest phone operator

IOTW: Russia-linked cyber attack targets Ukraine’s biggest phone operator

3 months ago AndyC

You may have missed

ATO seeks client data from crypto exchanges

ATO seeks client data from crypto exchanges

2 hours ago AndyC
Los consejos de 007 para que su empresa sea tan segura como el MI6

Los consejos de 007 para que su empresa sea tan segura como el MI6

2 hours ago AndyC
CDOs’ biggest problem? Getting colleagues to understand their role

CDOs’ biggest problem? Getting colleagues to understand their role

2 hours ago AndyC
Rethinking ‘Big Data’ — and the rift between business and data ops

Rethinking ‘Big Data’ — and the rift between business and data ops

2 hours ago AndyC
SAP forecasts clarity in the cloud

SAP forecasts clarity in the cloud

2 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.