A huge data warehouse with "open doors" has been discovered on the Internet - Cybernews researchers have identified a large unprotected Elasticsearch cluster. It is said that approximately 8.7 billion records, estimated to be related to Chinese citizens, are stored there. In terms of the scale of the event, it is mentioned as one of the largest leaks of personal data in the history of observations.
The most dangerous aspect is that the cluster has remained open and unprotected for more than three weeks. It's difficult to say for sure whether someone has fully downloaded the data in this "window" because the server closed later, but it's not always possible to go back and see the full "who entered-who exited."
It is noted that the leaked database consists of more than 160 indices (in some sources - 163). Each of them is divided into a certain type of information: personal and contact information, state identifiers, account information, and even login information (such as passwords) and corporate records. That is, it's not just a "list of phone numbers" - it's a mixed dataset enough to create a complete digital portrait.
Experts note that this warehouse resembles a "large aggregated mass, assembled from various sources." Another interesting point: the cluster has almost no banner or organization name referring to its owner, and the server is said to be located in a so-called "bulletproof hosting," often chosen for activities with high legal risks. Therefore, there are opinions that this situation is not a simple "configuration error," but resembles systematically accumulated data over a long period.
Of course, 8.7 billion records don't mean 8.7 billion people - there might be repetitions between the indices. But even taking repetitions into account, it is warned that the probability of speaking about hundreds of millions of people is high.
Why is this dangerous?
Such a huge dataset opens the door to scams, account thefts, blackmail, deception through "social engineering," and even the creation of a person's complete digital profile. In short, this is a "combo set" for cybercriminals, and a headache for ordinary users.
What should an ordinary user do?
- Try updating your passwords, especially if you've used the same password in many places.
- Turn on two-stage protection (2FA) - this is "one lock on top of the lock."
- Don't click on suspicious links in SMS/mail: phishing "won't go out of style" after extensive readings.
- Monitor suspicious activity in banks and accounts.
For now, active data abuse may not be openly confirmed, but being open for three weeks is a serious risk. Therefore, the mindset of "it won't touch me anyway" needs to be put off for a while: believing in "luck" in cyber threats is the most costly mistake.
Read “Zamin” on Telegram!
