Trending
ee-track">
Link copied!

16.8M Records Exposed Due to Misconfigured Elastic Database

 On June 27, 2021, Cyble researchers acquired a misconfigured elastic database comprising 16.8M records of customs data. The compromised data includes business and customs-related information.  Upon further investigation, we found that this incident affects Argentina, Chile, Colombia, Costa Rica, Ecuador, England, India, Korea, Pakistan, Panama, Paraguay, Peru, Russia, Ukraine, Uruguay, USA,…

June 30, 2021 · 3 min read
16.8M Records Exposed Due to Misconfigured Elastic Database

 On June 27, 2021, Cyble researchers acquired a misconfigured elastic database comprising 16.8M records of customs data. The compromised data includes business and customs-related information. 

Upon further investigation, we found that this incident affects Argentina, Chile, Colombia, Costa Rica, Ecuador, England, India, Korea, Pakistan, Panama, Paraguay, Peru, Russia, Ukraine, Uruguay, USA, and Venezuela. 

Figure 1 shows the exposed elastic database

Exposed elastic databas

Figure 1: Exposed Elastic Database 

Figure 2 shows the distribution of the exposed data in terms of the affected nations. 

Distribution of Exposed data 

Figure 2: Distribution of Exposed data 

The leaked data contains sensitive information such as: 

  • Importer Registration Date 
  • Importer Details including Name, Address, Phone Number, and Email ID. 
  • Product Description and Quantity
  • HS Code of the product 
  • Unit Price 
  • Supplier Name and Address 

Figure 3 and 4 shows a sample of the leaked data

Sample Leaked Data

Figure 3: Sample Leaked Data 

Sample Leaked Data

Figure 4: Sample Leaked Data 

The dataset includes headers like ‘importer’ and ‘hs_code’. Harmonized System (HS) is an internationally standardized coding system used in the classification of traded products. The number of importers impacted by this leak is 117,843, and the total number of HS codes exposed is 38,625.  

We have observed that the database appears to be a backup taken in 2020. The leaked information has the potential to reveal competitor strategy and pricing details. Apart from this, it can be further misused by cybercriminals to launch targeted phishing attacks on impacted importers and exporters.  

Data leaks expose sensitive user data and critical infrastructure of enterprises and may even put confidential data in the wrong hands. Despite emphasis being laid on data security, cybercriminals are looking for newer ways to evade organizations’ defenses to gain unauthorized access to valuable data. 

Our Recommendations 

We also suggest you follow the essential best practices given below:  

  • Follow good risk management practices and carry out risk-assessment of different assets regularly.  
  • Undertake periodic auditing of third-party risks.  
  • Never share your personal information, including financial information, over the phone, email, or SMSes.     
  • Use strong passwords as well as implement multi-factor authentication.   
  • Make it a habit to keep a watch on your financial transactions, and if you notice any suspicious activity, contact your bank immediately.   
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.    
  • ​Never open untrusted links and email attachments without verifying their authenticity.  

About Cyble:   

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. 

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams