Share this entry
A popular job recruitment database accidentally leaked 13 million records late last year. The data leaked contained user names, addresses, emails, phone numbers, and employment histories. In addition, user preferences were also exposed; previous jobs, salaries, desired industries, and more. If that wasn’t frightening enough, the data was stored on the AWS hosted ElasticSearch database without password protection.
Unfortunately, misconfiguring a cloud database or storage container can have massive consequences. The lack of password protection effectively allows for anyone and everyone to view the data. Luckily for this job site, a very diligent member of the non-profit GDI foundation found the leak. Data leaks due to misconfiguration have become increasingly common as more and more companies shift to the cloud. This is a case of a simple human error, forgetting to password-protect the database, leading to devastating consequences.
Based on what happened, it can be assumed that a developer tweaked the configuration to fix a bug, and when the application began working, they simply moved on and forgot to password-protect the ElasticSearch server. It is a commonplace for attackers to hyper-focus in on organizations issuing new rollouts. Enterprises can protect themselves by taking advantage of cloud-native capabilities to help combat human error and mistakes such as this, but these tools aren’t always enough.
Employee education is a top priority when dealing with secure cloud data. Ensuring every team employee knows what aspects of the cloud fall under their responsibility is crucial in a successful and secure operation. Unauthorized access due diligence, utilizing the right tools to manage access policies, and consistency are key to mitigating risk. One of the main concerns with the exposed records in this situation is that it was discovered by GDI and not the company itself. With such a large presence on the cloud, the company should have a security protocol and best practices to detect identity and data drift. This will help gain end-to-end visibility into the environment to spot and remedy situations quickly.
Exposed data due to misconfiguration is becoming all too common. As companies scale and expand their cloud presence, it is important to ensure the proper tools and training are in place.
Learn more about this ElasticSearch data breach on TechCrunch. Or download our Security Checklist to see what actions you can take today to reduce your risk in AWS.
THE ARCHITECT
The Newsletter for Cloud Security Leaders. 1x a month.
Get a Comprehensive Cloud Identity Audit
Request Your AuditRead the latest news and insights
Sonrai cloud security platform, products and services are covered by U.S. Patent Nos. 10,728,307 and 11,134,085, together with other domestic and international patents pending. All rights reserved.