Cybersecurity Firm Exposes Breach Database Containing 5 Billion User Records

Technology research company Comparitech on Monday said its researchers discovered that a cybersecurity firm had exposed a database containing more than 5 billion user records.

An investigation revealed that the database stored information that had been compromised in data breaches suffered by various companies over the past years. The database has been used by security analytics firm Cognyte to alert customers when their information is exposed as a result of a data breach suffered by a third party.

The database stored names, email addresses, passwords and data sources. The data appears to come from roughly two dozen data breaches disclosed over the past years, including by Tumblr, Rambler, MySpace, iMesh, VK, MGM, Edmodo, and Zoosk.

According to Comparitech, the database, stored on an Elasticsearch cluster, was indexed by search engines on May 28 and it was discovered by one of its researchers, Bob Diachenko, one day later. Cognyte was immediately notified and the data was secured a few days later.

“We do not know if any other third parties accessed the data during the time when it was exposed, nor do we know for how long it was exposed prior to being indexed by search engines. Our honeypot experiments show that attackers can find and access exposed data in a matter of hours,” Comparitech said.

This is not the first time Diachenko has come across an unprotected database belonging to a cybersecurity firm. Last year, the researcher discovered an exposed database belonging to email security company Keepnet Labs. That database also stored more than 5 billion records.

It’s not uncommon for these types of databases to be found online, either because they are inadvertently exposed by a company or they are offered — in some cases for free — on cybercrime forums.

While the exposed data is typically not new, experts warn that the usernames and passwords can still be useful for credential stuffing attacks.

Related: Microsoft Exposed 250 Million Customer Support Records

Related: Misconfigured Public Cloud Databases Attacked Within Hours of Deployment

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
