upnorth

Level 29
Content Creator
Trusted
Verified
Yet another organisation has been spotted copying important data to Elasticsearch cloud storage without remembering to secure it.

Last week, it was US company VOIPo that accidentally exposed call logs, SMS data, and company credentials in Elasticsearch where it was spotted by researcher Justin Paine. This week, Paine has returned to tell ZDNet of a second cache of Elasticsearch data he found only days ago that appears to have been connected to online betting sites. Sensitive data such as: Real names, home addresses, phone numbers, email addresses, birth dates, site usernames, account balances, IP addresses, browser and OS details, last login information, and a list of played games. In addition, Paine found 108 million records connected to online bets, deposits, wins and withdrawals, complete with partially redacted payment card data.

According to ZDNet, the betting domains included kahunacasino.com, azur-casino.com, easybet.com, and viproomcasino.net, connected to companies registered in Cyprus and the Caribbean. It’s not clear how far back the data might go, but anyone who placed bets through these sites would be at risk of having their win and loss information made public, opening users up to potential extortion. As with the VOIPo data leak, there’s no evidence that the information has fallen into the wrong hands, although isn’t terribly reassuring to online gamblers whose data might be part of this cache. In a positive development, Paine said the data has been taken down, although whether this was by the affected company (or companies) or hosting provider OVH is unclear.