Contract Management Company Evisort Accidentally Exposed Sensitive Documents Publicly (Apr 29, 2019)
The contract management company, "Evisort," suffered a data breach following a misconfiguration of an Elasticsearch database. The database was not password-protected and was publicly accessible via the internet, so any person could have accessed the database which stored sensitive documents including employee contracts, loan agreements, Non-Disclosure Agreements, and resumes. The company released a statement that the database was intended for testing purposes during ongoing audits, and said that they will contact the impacted customers. The database was removed an hour following disclosure of the leak.
Recommendation: It is crucial for your company to verify that access control is configured correctly prior to adding any sensitive data. As this story portrays, a misconfigured database has the potential to cause significant harm to individuals and a company's reputation.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.