- Security researchers found an Elasticsearch index with millions of records
- The database contained the personal information of millions of Georgians
- It was traced back to an unnamed German cloud provider
A German cloud service provider has inadvertently exposed sensitive data on possibly the entire population of Georgia, security researchers say.
Cybersecurity expert Bob Dyachenko of SecurityDiscovery.com said they recently discovered a non-password-protected Elasticsearch index containing a “wide range of sensitive personal details” belonging to Georgians. The exposed instance hosted two indexes, one with nearly five million personal data records and another with more than seven million.
Given that Georgia’s entire population is less than four million people, it’s safe to assume that even with numerous duplicate records, all of its citizens could be at risk for identity theft, phishing, and more.
Closing the leak
The archive contained people’s ID numbers, full names, dates of birth, gender, phone numbers and other sensitive information.
“The data appears to have been collected or aggregated from multiple sources, potentially including government or commercial datasets and caller ID services,” Dyachenko said.
The researchers traced the instance back to a server owned by a German cloud service provider. The researchers did not name the company and said the server was taken offline “shortly after discovery”. It was left unclear whether the company was notified of the leak. Therefore, we also do not know whether any threat actors found the archives in the meantime and whether the data had been exfiltrated elsewhere.
“Without clarity on data ownership, redress for affected individuals is limited and enforcing data protection laws or seeking accountability remains challenging,” the researcher said. “This leak highlights the complexities of cross-border data protection and regulation.”
Via Cybernews