Nextcloud leaks 367,000 records – European cloud giant reveals staff and customers in major breach


  • The exposed ElasticSearch cluster at Nextcloud contained ~367,000 records (8GB), including employee data, client contracts and scripts
  • Sensitive information such as staff emails and customer company information was left unencrypted; Nextcloud secured the archive within two days of the announcement
  • The company attributed the incident to hosting misconfiguration and stressed that customer servers were unaffected, although researchers warn that attackers may have access to the data

European cloud provider Nextcloud stored an unprotected database on the public internet, exposing sensitive internal and client data to anyone who knew where to look, experts have revealed.

Nextcloud is a free, open source platform that lets users create their own private cloud. It is often described as an alternative to Google Drive or Microsoft 365, which allows users to control where their data resides.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top