Keepnet Labs Data Breach (2020)

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. “On March 16th I have found an unprotected and thus publicly available Elasticsearch instance which appeared to be managed by a UK-based security company, according to the SSL certificate and reverse DNS records.” wrote Security Discovery’s researcher Bob Diachenko. “The irony of that discovery is that it was a ‘data breach database’, an enormously huge collection of previously reported (and, perhaps, non-reported) security incidents spanning 2012-2019 era.” The huge trove of data is composed of two collections, one containing 5,088,635,374 records, and the second one that was being updated in real-time has over 15 million records. Exposed data include hashtype, leak year, password (hashed, encrypted or plaintext, depending on the leak), email, email domain, and source of the leak (i.e. Adobe, Last.fm, Twitter, LinkedIn, Tumblr, VK and others). Most of the data come from previously known sources, it could expose affected people to scams and phishing campaigns.