ZDNet

FitMetrix user data exposed via passwordless ElasticSearch server cluster

Data for an unknown number of FitMetrix users was left exposed on the Internet via a cluster of ElasticSearch servers, a security researcher has discovered. The servers, which were not secured with an ...
ZDNet

A hacker has wiped, defaced more than 15,000 Elasticsearch servers

For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the ...
Threat Post

Cloud Leak Exposes 320M Dating-Site Records

A misconfigured, Mailfire-owned Elasticsearch server impacted 70 dating and e-commerce sites, exposing PII and details such as romantic preferences. Users of 70 different adult dating and e-commerce ...
Threat Post

Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak

Although the data was legitimately scraped by legally operating firms, the security and privacy implications are numerous. An open Elasticsearch server has exposed the rich profiles of more than 1.2 ...