An unsecured Elasticsearch database by Dealer Leads, a provider of marketing services to the automotive industry, exposed 198 million records including full names, email addresses, phone numbers, physical addresses, internet addresses and other sensitive data.
The database was discovered by a researcher with Security Discovery in August of this year. According to the researcher, “the data was exposed for an undetermined length of time and it is unclear who else may have had access to the millions of records that were publicly exposed.” Even though it is far from difficult to configure Elasticsearch and other databases in a secure manner, data leaks of this kind happen very frequently.
Read more: 198M records exposed on misconfigured database belonging to Dealer Lead