Data leak – over billion people affected (PDL / OXY)

On October 16th 2019 two cybersecurity experts – Bob Diachenko and Vinny Troia discovered unsecured elasticsearch environment. Sadly, this is not unique. Open-Source Elasticsearch does not have security mechanisms on its own and allowing access from Internet is always a bad idea.

Turns out that elaticsearch had huge amount of personalized data indexed, to be precise – 4 terabytes huge. Company who is owning elasticsearch database is unknown, but it seems that gathered data is or were owned by People Data Labs (PDL) company and OxyData.io.

Most of the data was unusually valuable, as data was enriched. Meaning that data stored in those indices was previously correlated before from multiple smaller pieces, to create one rich document. That enriched data is then product of information and is sold by companies like PDL and OxyData. Data that was inside documents covers e-mail adresses, phone numbers, personal data, profiles data from LinkedIn and Facebook. To put that in some numbers, data had:

  • PDL
    • 1,2 billion unique data
    • 650 million e-mail adresses
  • OxyData
    • 380 million unique data, mainly from LinkedIn

The question is – how to know if the data is true and up to date? Luckyly PDL offers 1k queries per month free to their database. So such queries were send and actual data received from PDL were 100% accurate with data within elasticsearch indices. Data were the same.

Both of companies, PDL and OxyData, stands that there were no hacking attack, and source of that data was via customers, who bought the data. It’s hard to call hacking or breach, when all you need to do is put in your browser http://35.199.58.125:9200 .

Of course adress and port is unavailable right now 🙂

That is the reason why you should never use unsecured elasticsearch for production data processing. It is important to point, that elasticsearch is not to blame for this breach, but  lack of security, such as those which are offered by Energy Logserver.

Energy Logserver enters the Middle East market

Four years after starting the first application, the Energy Logserver gained momentum, which exceeded even our expectations. After summarizing the successes at one of the largest cybersecurity events in Poland, "Semafor", it was confirmed that our product maturity, competing on the global market.

We appeared at one of the largest global cybersecurity and IoT events - Gisec 2019 in Dubai. We presented the latest SIEM and Network Security modules supported by Artificial Intelligence in Energy Logserver.

The well-received Energy Logserver aroused interest of leaders from around the world in the fields of telecommunications, finance, transport and the fuel industry. Thanks to that we were able to connect with new partners and acquire new customers of the Middle East, India and Asia.

Below are some photos from the events.

 

Energy Logserver on Confidence 2019!

Confidence is one of the largest conferences in Europe devoted to IT security. In 2019, the 18th edition took place! We couldn't miss it.

As a platinum conference partner, we have appeared to present the Energy Logserver new functionalities to the world in SIEM area.

To our delight, the Energy Loggerver stand enjoyed great interest, thanks to which we established new, great acquaintances and we could present the system's functionalities even closer.

At the full auditorium, one of our experts conducted a lecture on the construction of the SIEM system according to the unique needs and systems of the client. The presentation is available at this link.