Israeli Marketing Company Exposes Contacts Database (Feb 27, 2020)
The Israeli marketing company "Straffic" exposed 140 GB of contact information due to poor credential hygiene. This data included 49 million email addresses. The data was stored in a password protected Elasticsearch database cluster, but the password was stored in plaintext in a file on one of the web servers used by the company. The data stored in the database included email addresses, names, phone numbers, physical address, and gender.
Recommendation: It is important that your company and employees use different passwords for the different accounts that are being used. Data from previous breaches can be used by threat actors in future attacks. It is also important to securely store credentials used by services to access other services.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.