Here we go again: another day and another short article about another open Elasticsearch instance, this one leaking 8M rows of data from a large analytics company.
ResponseIQ provides companies with the ability to engage with clients through chats and telephone call-back systems; its customers are across the UK and US. Earlier this month our open data monitoring system detected an Elasticsearch instance that was 9.8GB in total size, holding 8M rows of data, with the cluster name 'responseiq_analytics'. It was not hard to attribute ownership to ResponseIQ. It proved difficult, however, to get them to secure their system, and to get any sort of comment at all after they did so.
The leaky data was detected on 2 February 2019 and contact was attempted on the 12th. By the 15th the leaky data was no longer accessible, though ctrlbox has not been contacted in response to our original alert to them, and a request for comment has gone ignored too. The leaked data consisted of a mix of logs, from users' click activity to call history.
This is just another clear example of why it's so critical to check the networks that host your internal and client data, or even analytics: exposed data can give away clues about your network and make it a lot easier for bad actors to gather intelligence.