Massive data breaches in 2019 that occurred due to unprotected databases

• Data breaches caused due to misconfigurations can have drastic consequences for big companies.
• The biggest data breach witnessed so far in 2019 is the exposure of 809 million records by an email marketing firm Verifications.io.

Context

A misconfiguration in a database could result in the exposure of millions of people’s sensitive information across the globe. Unprotected servers or open databases that are left publicly accessible without any authentication could put millions of users’ data at risk, causing serious damage to big organizations. Several such incidents have been witnessed in 2019.

The prominent data breaches of 2019

Unprotected MongoDB exposes 809 million records

On February 25, 2019, security researchers Bob Diachenko and Vinny Troia discovered an unprotected MongoDB database that was left open without any password protection. The open database belongs to an email marketing firm Verifications.io and has exposed around 809 million records. The database contained three folders with different records. The first folder had over 790 million unique email addresses and the second folder contained 4,150,600 records that had both email addresses and users’ phone numbers. The third folder contained over 6 million business lead records.

Chinese HR firms expose over 590 million resumes

Security researcher Sanyam Jain has reported almost 7 incidents since January 2019 that witnessed the data exposure of over 590 million Chinese job seekers’ resumes. All the 7 incidents were caused due to misconfigured Elasticsearch servers.

275 million personal records exposed

Security researcher Bob Diachenko uncovered an unsecured MongoDB database that was hosted on Amazon AWS infrastructure. The leaky database contained almost 275,265,298 records of Indian citizens with personally identifiable information (PII) such as names, email addresses, genders, dates of birth, phone numbers, educational details, professional skills, employment history, current employer and salary. However, the data was all deleted by a hacker group named ‘Unistellar’.

198 million records of potential car buyers exposed

An unprotected Elasticsearch database belonging to Dealer Leads has exposed almost 198 million records containing information about potential car buyers. The exposed data includes names, email addresses, phone, addresses, IP addresses, ports, pathways, storage information, loan and finance inquiries, and details of vehicles that were for sale.

188 million records from Pipl.com and LexisNexis exposed

An unguarded MongoDB database that contained almost 188 million records of personal data from Pipl.com and LexisNexis was found exposed online. The exposed records included personal data such as names, dates of birth, gender, race, religion, email addresses, physical addresses, phone numbers, social media profiles, past and current employers, skills, automobiles and properties owned, court and bankruptcy notes, and political affiliations.

Honda exposed 134 million employee data

Security researcher Justin Paine discovered a misconfigured Elasticsearch instance belonging to Honda. The leaky database contained information for over 300,000 employees across the globe, which included employees’ names, email addresses, their last login, their computers' endpoint security vendor network information, OS versions, hostnames, and patch status. The database had a table named “uncontrolledmachine” which contained 3,000 entries about Honda’s internal computers that weren't using endpoint security software.

Key takeaway

This indicates that organizations are not taking the security of their servers seriously. In order to avoid such data leaks, organizations must secure their database configuration, enforce proper authentication, and encrypt the data stored in the databases.