- Alinto left the Elasticsearch cluster exposed online
- 40 million SMTP records leaked, including 4.5 million unique emails
- Data from major companies and French government agencies at risk
A French email solutions provider kept an Elasticsearch cluster open on the Internet and leaked the email addresses and location information of millions of people, as well as large companies and government entities, experts have warned.
The cluster contained 40 million Simple Mail Transfer Protocol (SMTP) records accessible to anyone with an Internet connection, a browser and the knowledge of where to look. The server also apparently hosted an SMTP server under Cleanmail.eu, which is Alintos’ email security relay solution.
Security researchers from Cyber news discovered the open database and notified the owners, who subsequently locked it down.
The article continues below
Risk potential
In its research report, the Cyber news team said it found an Elasticsearch cluster belonging to Alinto, a French company that offers “solutions to keep email communications up and running, protect email infrastructure from cyber-attacks and ensure the deliverability of high-volume transactional emails.”
The server also apparently hosted an SMTP server under Cleanmail.eu, which is Alintos’ email security relay solution.
The records contained the following information:
Sender email address,
Recipient’s email address,
location information,
Relay IP addresses
Among the companies affected were L’Oreal, Renault and DHL, as well as “many French government agencies”, including government departments, municipalities, but also French embassies worldwide – with at least 14,000 unique government email addresses leaked.
Although losing email addresses doesn’t feel like a huge loss, Cyber news explained why the leak is potentially dangerous:
“Having information about which addresses are communicating with each other and at what times reveals behavioral data that can aid in further attacks – impersonating someone you normally communicate with, sending communications as expected when they are expected,” the Cybernews team explained.
“Furthermore, this can also help build relationship maps that can be used to derive certain sensitive company information, such as new product launches.”
Of the 40 million registrations, at least 4.5 million are unique email addresses that may see more spam in the future. It is unknown if any threat actors discovered the database before the researchers.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
