Type
Research
Actors
Pub. date
October 2, 2023
Initial access
Software misconfig
Impact
None
Targeted technologies
ElasticsearchKibana
References
https://cybernews.com/security/darkbeam-data-leak/
Status
Stub
Last edited
Jun 2, 2024 8:02 AM
Cyber risk management company DarkBeam has leaked more than 3.8 billion records after it left an Elasticsearch server unprotected on the internet. The database contained information from older breaches that DarkBeam was using to send alerts to customers. While the leaked data had already been public via separate smaller breaches, the DarkBeam leak has made it easier to download everything in one go. The company fixed the leaky servers as soon as it was notified.