- Security researchers found an Elasticsearch index with millions of entries.
- The database contained personal information on millions of Georgians.
- It was traced to an unnamed German cloud provider.
A German cloud service provider has accidentally exposed sensitive data on what is likely the entire population of Georgia, security researchers say.
Cybersecurity expert Bob Dyachenko of SecurityDiscovery.com said they recently discovered a non-password-protected Elasticsearch index containing a “wide range of sensitive personal details” belonging to Georgians. The exposed database housed two indexes, one with almost five million personal data records and another with more than seven million.
Given that Georgia’s total population numbers less than four million people, it’s safe to assume that even with numerous duplicate entries, all of its citizens could be at risk of identity theft, phishing, and more.
Closing the leak
The files contained individual identification numbers, full names, dates of birth, genders, phone numbers and other sensitive information.
“The data appears to have been collected or aggregated from multiple sources, potentially including government or commercial data sets and number identification services,” Dyachenko said.
Researchers traced the instance to a server owned by a German cloud service provider. Investigators did not name the company and said the server was taken offline “shortly after discovery.” It was not clear if the company was notified of the leak. It is also unknown whether any threat actors found the files in the meantime, or whether the data was extracted from other places.
“Without clarity over data ownership, resources for affected individuals are limited and it remains challenging to enforce data protection laws or seek accountability,” the researcher said. “This breach highlights the complexities of cross-border regulation and data protection.”
Via Cybernews