Another discovery by security researchers revealed an Elasticsearch server that hosted a database that contained indices with data records of 5 million users and another one containing 7 million such personal records. Although some of them may be duplicates but the scale of data breach would almost cover the entire Georgian population which is close to 4 million. The database, however, disappeared shortly after it attracted the attention of a security researcher. The Elastisearch server was discovered by Bob Dyachenko, who works as a security researcher and also owns SecurityDiscovery.com.
As per the details known, the Elastisearch server was hosted on a server owned by a German cloud service provider. The dataset contained multiple sensitive information about the citizens of the Republic of Georgia. The details held in the dataset contained names, ages, mobile numbers, genders, and other ID numbers. The source of data may be multiple as it contains a variety of information.
Even though the server was taken offline as soon as the details of the expose were made public, the breached data still remains a worry as such a massive pile of data can be used in multiple ways by threat actors to carry further directed attacks.
Bob highlighted that threat actors can weaponize personal data for political and criminal activities. State-sponsored hackers can exploit the leak for political manipulation, propaganda campaigns, or targeted harassment. Meanwhile, other adversarial actors can exploit the data for various malicious activities for their personal gain. A combination of personal identifiers, addresses, and phone numbers is at risk of being in the hands of malicious actors and can be used for scams or influence campaigns. In a region with high geopolitical tensions, personal information in the hands of bad actors could lead to its misuse, further destabilizing trust within the community, creating opportunities for disinformation, and harming vulnerable individuals.
At this time, the source of the leak is unknown, but surely, the security of data needs to be looked into by all the organizations that store or use personal user data.
