In response to Security Discovery research revealing that over five billion records were exposed after a Keepnet Labs Elasticsearch “data breach database” containing security incidents from the last seven years was left unprotected, cybersecurity experts comment below.
EXPERTS COMMENTS
Javvad Malik, Security Awareness Advocate, KnowBe4
March 23, 2020
People can take precautionary steps to learn when their emails have been a part of a data breach.
This type of data breach discovery, if it has already been discovered by criminal groups, gains access to a "gold mine" of data breach information. This massive collection of over five billion records delivers email addresses that can be used by criminals to send socially engineered phishing email scams. The criminals can craft the email with information relating to the breach it was associated with to strike fear into the victim and get them to open an attachment or link for such activities as a password reset or confirming the account. People can take precautionary steps to learn when their emails have been a part of a data breach by utilizing the services provided by haveibeenpwned.com. On this free website, people can register their email and if it's been used in a current data breach or one that was later discovered, they can receive alerts that their email was involved. Once they learn their email was in a data breach, it's highly recommended to change the passwords to that account and any other account where the same password was used to prevent additional attacks by the criminals. On a positive note, kudos to the company that owned the database for taking it offline an hour after the security researcher informed them of the exposed database. Organizations should be aware during change control or initiating new servers that limited access restrictions should be in place to protect the server and information on them.
