Thomson Reuters Exposes 3TB+ of Sensitive Data on Unsecured ElasticSearch Database
The researchers warn that the data is likely worth millions of dollars on underground criminal forums. It was exposed for several days, giving ample time for malicious bots to discover and steal the data. The data in the exposed databases could be used for social engineering attacks and ransomware, among other potential attack vectors.
“It’s concerning that the dataset was open for so long,” Benjamin Fabre, co-founder and chief executive of bot protection company DataDome, told SiliconANGLE. “Threat actors—and the malicious bots they deploy—are opportunistic and can wreak havoc very quickly once they get ahold of sensitive data.”
Fabre added that “bots can (and will) leverage personally identifiable information to conduct all sorts of attacks, including account takeover, credential stuffing, carding and more. This likely won’t be the last we hear of this breach.”
Related posts
DataDome Announces Priority Protect, the First Virtual Waiting Room Built for Agentic Commerce
Tell me more
Businesses struggle to identify AI agent traffic
Tell me more
DataDome Report Finds Most Organizations Flying Blind as Agentic Traffic Surges
Tell me more
DataDome and Botify Partner to Give Businesses Full Control Over Agentic Commerce, from Discovery to Transaction
Tell me more
