The unsecured database occurrence news reports seem endless, this one relates to the exposure of around 3.4 million records of Panama citizens.
Panama Citizens PII Data Exposed
Researcher Bob Diachenko has reported another unsecured database exposing a huge amount of records. He found an unsecured Elasticsearch cluster that contained millions of records of Panama citizens.
As stated in his blog, the database contained around 3,427,396 records belonging to Panama citizens. The records, labeled as ‘patients’ included detailed data about the individuals. The exposed details included Personally Identifiable Information (PII) but do not include any ‘specific’ medical information. The breached information allegedly included complete names, birth dates, contact number, email addresses, national ID number, medical insurance number, and other such data.
Considering the size of breached records, the researcher suspects that the database supposedly exposed information of about 90% of the population in Panama (considering the region has a total population of 4,034,119 citizens according to the last census held in 2016).
Leaky Database Now Closed
As observed by Diachenko via Shodan history, the IP related to this database was indexed since April 24, 2019. Upon finding the unsecured and publicly accessible server, he immediately notified the CERT Panama. Following the report, the database went offline within 48 hours.
He did not confirm if any bad actors accessed the database during the breach.
While the database is now inaccessible, in one of his tweets, he revealed another problem. The same IP address in question exposed RDP ports, putting the network’s security at risk of cyber attacks.
— Bob Diachenko (@MayhemDayOne) May 13, 2019
For now, the owners of the leaky database remain unknown.
Take your time to comment on this article.