Thai Internet Records Leaked

Over 8 billion real-time Internet records from Thailand's largest cell network were leaked

01-Jun-2020

Over 8 billion real-time Internet records from Thailand's largest cell network, Advanced Info Service (AIS), were leaked because of a misconfigured database.

## About

The leak was first discovered by security researcher Justin Paine, who informed the company. When he did not receive any response from the company, Paine informed ThaiCERT. The issue was resolved by taking the database offline and securing the records. According to sources, NetFlow data and DNS query logs were affected.

## Not the first case:

Apart from this, there have been several Elasticsearch data breaches.

  1. A UK-based security company unwittingly exposed its data breach database without password protection, leading to a leak of over 5 billion records.

  2. Bithouse, the app developer for Peekaboo, left their Elasticsearch database open which had around 70 million log files.

  3. Microsoft suffered a data breach of 250 million user records because of a misconfigured Elasticsearch database.

  4. Cloud server misconfiguration has led to data leaks at Dow Jones, Voipo, Meditab, and Gearbest.

## Suggestions from Experts:

  1. The major cause of such data breaches is the outsourcing of contracts, which should be avoided if possible.

  2. Security configurations should be monitored regularly and standard protections should be incorporated by all types of industries.

## What can be done

  1. Use of DoT or DoH to secure DNS communication is advised so that the ISP cannot spy on or sell the DNS query traffic.

  2. Secure defaults for cloud-based platforms like Kibana should be used.

## Conclusion

All these data leaks illustrate the challenges companies face in figuring out where their data is stored and who has access to it. Such problems are avoidable with proper inspections. Companies should follow standard safety protocols and monitor their actions as per the regulations set.