In an ironic twist, Cognyte's data alerts customers to third-party data exposures.
A researcher recently discovered online an unsecured database operated by cybersecurity analytics firm Cognyte that left some 5 billion records collected from a range of data incidents exposed online - and accessible without authentication.
The stored data is part of Cognyte’s cyber intelligence service, which is used to alert customers to third-party data exposures.
“Ironically, the database used to cross-check that personal information with known breaches was itself exposed. The information included names, passwords, email addresses, and the original source of the leak,” Comparitech wrote in a report.
Comparitech’s security research lead Bob Diachenko discovered the exposed data on May 29 and alerted Cognyte, who secured it three days later.
“Thanks to the information provided by the security researcher, Volodymyr “Bob” Diachenko, Cognyte was able to rapidly respond to and block a potential exposure,” Cognyte said in a statement to Comparitech.
The full report from Comparitech is available here.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024