Glynk is a major Android app, with more than 1 million installs. The app develops state: “The Glynk application builds a like-minded network for every user based on interests, opinions, location among many other parameters.” In September 2019 something went wrong: the app has leaked 2.2 billion rows of data including their clients’ email addresses and usernames.
To learn more about the leak, Digital Journal spoke with Chris DeRamus, CTO and co-founder of DivvyCloud.
The reason for the leak relates to cybersecurity concerns connected to a specific server, according to DeRamus: “Glynk joins the growing list of organizations in 2019 that have left Elasticsearch servers unprotected. ” This oversight has left key data exposed and hence for use by hackers. Elasticsearch is a database that stores, retrieves, and manages document-oriented and semi-structured data.
In terms of the databreach, DeRamus explains the extent of the issue: “The 2.2 billion rows of data exposed in this leak include usernames, email addresses and users’ IP addresses they used to access the app.” Beyond this he notes: “The exposed database was leaking raw production SQL statements.” These segments can provide the hacker with sufficient information to assess the structure of Glynk’s database.
DeRamus also notes that the cyber-concerns are likely to run on for some time: “While the database has now been secured, the data it contained was potentially exposed for months.” The consequence of this is with presenting “opportunities for bad actors to discover the massive trove of data and launch sophisticated phishing or brute force campaigns.”
Going forwards, DeRamus explains that companies in the same situation as Glynk need to take action, being proactive in ensuring that customer data is protected with robust cybersecurity controls. Here the cloud provides an answer, as DeRamus outlines: “Automated cloud security solutions can grant organizations the ability to detect misconfigurations and alert the appropriate personnel to correct the issue, or even trigger automated remediation in real-time, so that Elasticsearch databases and other assets never have the opportunity to be exposed, even temporarily.”
