Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Elasticsearch data breach exposes records of 82m Americans - Netwrix comments

November 2018 by Netwrix

Elasticsearch servers affecting 82 million individuals. Elasticsearch, an open source search engine mainly used for private networks was reportedly left open for public access, exposing personal information including names, employment details and postal addresses. It is estimated that in total, more than 114m records belonging to US citizens and companies have been affected.

Netwrix’s General Manager EMEA, Matt Middleton-Leal has provided the following statement:

“Basic errors in design and configuration are all too often the achilles heel of organisations’ data security. When organisations are the custodians of personal information they have a duty of care to ensure it is safe and secure. In the case of Elasticsearch, it appeared to have design flaws which enabled hackers to potentially download 82 million citizens’ personal data. These types of design floors would have been exposed by simple red testing exercises, therefore it can be assumed Elasticsearch is either very naïve or simply negligent in its approach to data security.”




See previous articles

    

See next articles