An unprotected Elasticsearch cluster contained personally identifiable information on Russian citizens from 2009 to 2016.

Dark Reading Staff, Dark Reading

October 3, 2019

1 Min Read

A database holding more than 20 million Russian tax records was found unprotected, leaving personal tax data accessible to anyone with a web browser, researchers reported this week.

The AWS Elasticsearch cluster contained data on Russian citizens spanning 2009 to 2016, according to Comparitech, which partnered with security researcher Bob Diachenko to investigate the leak. No password or any authentication was needed to access the cluster, which has now been taken offline. Researchers cannot confirm whether data was taken.

Multiple databases were stored in the cluster. Some held random and publicly sourced data; two held tax data and personally identifiable information about Russian citizens, most of them from Moscow and the surrounding area. One database had more than 14 million personal and tax records from 2010 to 2016; another had more than 6 million records from 2009 to 2015.

The records held information including full name, address, residency status, passport number, phone number, tax ID number, employer name and phone number, and tax amount. None of the data was encrypted, researchers report, and it was left exposed for more than a year.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "How the City of Angels Is Tackling Cyber Devilry."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights