Elasticsearch Instance of Sales Leads on AWS
What Happened
In October 2018, security researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Despite best efforts, it was not possible to identify the owner of the data hence this breach as been titled "Elasticsearch Sales Leads".
Compromised Data
Recommended Actions
Monitor for Suspicious Activity
Watch for unusual login attempts, spam and phishing emails.
Breach Overview
-
Affected Accounts:
5.8 million
-
Breach Occurred:
October 2018
-
Added to HIBP:
17 Nov 2018
Recommended Actions
Change Your Password
If you haven't changed your Elasticsearch Instance of Sales Leads on AWS password since 2018, do so immediately.
Enable Two-Factor Authentication
Add an extra layer of security to your account.
Check Other Accounts
If you used the same password elsewhere, change those too.
Monitor for Suspicious Activity
Watch for unusual login attempts or messages from your account.
