Global cyber security firm DynaRisk has discovered several unprotected and misconfigured servers (without any authentication) leaking valuable data relating to brands including Amazon and Alibaba, highlighting a global issue concerning all online brands. Five leaks were discovered in total, with a combined file size of 3 TB and over 1.4 billion records. Two of the leaks contain Amazon marketplace records, while another contains Alibaba sales records.
The exposed data was detected by a member of DynaRisk’s intelligence team who discovered the leaking Elastic search databases. In one instance, a hacker left a note demanding ransom in return for the copy of the Amazon data they took.
The database owners were notified, detailing what information was leaking and the size of each leak individually. Three of the five were closed, however all were leaking over a period of a few weeks. Aside from the database containing a ransom note, it is unknown if the others were discovered by threat actors.
The records in question were verified by DynaRisk’s intelligence team by testing sample records at random.
Andrew Martin, CEO and Founder of DynaRisk commented: “Unfortunately, despite companies investing to protect their customer data, all it takes is one third party vendor to undo all the hard work. We have seen data from hundreds of companies leaking on the web as a result of a third-party failing to secure servers and anyone that knows where to look on the net will be able to spot and siphon off all that data, without any authentication.”
“The Amazon related leaks are particularly concerning as the brand is consistently impersonated in phishing scams – specifically, fake refund notifications and order updates. With the data records exposed in these leaks, cyber criminals will be able to create highly targeted scams.”
“For the individuals affected in leaks like this, and the public generally, it’s more important than ever to be aware of the impacts this can have. People should be regularly scanning their email address using data breach and leak checking tools to help gauge where their information may be been exposed. Cyber hygiene also plays a huge part in making sure that any aftereffects are kept to a minimum; people using the same passwords across several sites and those unable to spot fraudulent emails prime targets for fraudsters.”