According to ZDNet, a hacker is currently selling a huge database of millions business contacts on a underground hacking forum, relating to LimeLeads. The records are being sold in an underground hacking forum by a well-known threat actor under the name Ominichorus. The data contains the following user details: full name, title, user email, employer/company name, company address, city, state, ZIP, phone number, website URL, company total revenue, and the company’s estimated number of employees.
It appears that the affected company is the latest in a growing list of companies that failed to set up a password for an internal server. the consequence of this is with allowing anyone on the Internet to access the company’s important customer data.
Providing analysis about the data breach for Digital Journal, Anurag Kahol, CTO, Bitglass says: “Week after week, we witness companies leaving sensitive data vulnerable in the cloud due to simple mistakes and misconfigurations. In this particular case, a failure to password protect an internal server led to over 49 million user records being made available for sale on the dark web – exposed data included full names, emails, phone numbers, and other personally identifiable information.”
In terms of the consequences, he adds: “Those affected by this breach are now vulnerable to fraud and phishing attacks for the foreseeable future.”
In terms of how these types of things happen, Kahol states: “Unfortunately, cybercriminals can leverage tools that detect abusable misconfigurations within IT assets like Elasticsearch databases, making it easier and easier to find and exploit vulnerabilities.”
Kahol also outlines the basis of a preventative strategy for companies with a significant online presence: “If organizations are to prevent these kinds of breaches, they must have full visibility and control over their data and their IT systems. To do so, they should look for security solutions that remediate misconfigurations, enforce real-time access control, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent the leakage of sensitive information.”
