HQ/EMEAFind out how we can help your business
Researchers discovered troves of exposed data from a well-known shoe manufacturing company, Ecco. Based on reports, the company has leaked more than 60 gigabytes of data that has been publicly accessible for nearly two years.
Moreover, the data leak incident contained millions of sensitive documents that were accessible. Any user accessing the leaked documents could have viewed, altered, copied, stolen, or removed the information.
According to researchers, they have discovered an exposed instance that stores an ElasticSearch visualisation dashboard for Ecco. The dashboard allows processing data on ElasticSearch, a storage facility employed by firms dealing with massive data volumes.
Even though admins secured the instance holding the dashboard with a basic HTTP authentication, a user misconfigured the server and enabled all API requests.
The misconfiguration on Ecco allowed researchers to view the data.
The misconfigured authentication enabled the researchers to look up the index names on the ElasticSearch employed by Ecco. Hence, the bug revealed 50 exposed indices with more than 60 gigabytes of data.
The exposed servers include sales, marketing, logging, and system information documents.
Furthermore, the past data revealed that the exposed database was available for approximately 506 days since June last year. Additionally, more than 35 gigabytes worth of data was added by users to the leaked database after the server misconfiguration opened a security flaw in Ecco’s infrastructure.
The names on the open server show that the company exposed millions of documents. One exposed database is a directory called sales_org, which/h contains about 300,000 documents.
Unfortunately, millions of documents that cover various elements of Ecco’s corporate life were accessible such as performance monitoring and system status information. The exposure also became very worrying for many experts as the database seems connected to Ecco’s website.
The connection of the exposure to the ecco[.]com could provide a competent hacker with the tool to target the company globally. Cybersecurity experts explained that the ability of the threat actors to modify the exposed data within ElasticSearch could pose a massive threat to the company and its customers.
