About 400GB worth of data was exposed due to a misconfigured Elasticsearch database.
Safety Detectives’ cybersecurity team reported that a Chinese startup called Socialarks became the victim of a massive data breach. According to Safety Detectives team head Anurag Sen, around 400 GB worth of private data was exposed in the breach.
Socialarks Data Breach
The breach occurred due to an unsecured Elasticsearch database, which contained personally identifiable information of approximately 214 million social media users from across the globe.
Impacted users include many high-profile celebrities, food bloggers, and social media influencers. Most of the users were associated with Facebook, Instagram, and LinkedIn.
Affected Server was Segmented
Tencent, a Chinese multinational technology conglomerate holding company, hosted the vulnerable server. It was segmented into indices, probably to store data obtained from different social media sources. However, the team discovered records from only the three aforementioned major social media platforms.
Data ‘Scraped’ due to Poor Password Protection
The Elasticsearch database wasn’t secured with a strong password or encryption. Lack of protection on a server means that anyone possessing its IP address can access the database. The same happened in the case of Socialarks. As a result, the private data of millions of users was exposed.
Exposed Data Includes
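The exposure described above comes down to a handful of Elasticsearch settings. The following Python audit is an added example, not taken from Safety Detectives' report or the Socialarks server: it checks an elasticsearch.yml for missing authentication, missing HTTP TLS, and a non-loopback bind. The two sample configs are constructed, and it assumes flat dotted keys and treats a missing key as disabled (the default before Elasticsearch 8.0).

```python
import ipaddress

# Constructed sample configs (not taken from the Socialarks server).
EXPOSED = """\
cluster.name: scraped-profiles
network.host: 0.0.0.0
xpack.security.enabled: false
"""
HARDENED = """\
cluster.name: scraped-profiles
network.host: 127.0.0.1
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
"""

def parse_flat_yaml(text):
    """Parse 'dotted.key: value' lines; nested YAML is out of scope (assumption)."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("\"'")
    return settings

def is_loopback(host):
    """True only for loopback binds; other special values and hostnames count as reachable."""
    if host in ("_local_", "localhost"):
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def audit(text):
    """Return a list of findings; an empty list means none of the checks fired."""
    cfg = parse_flat_yaml(text)
    findings = []
    # Missing keys are treated as disabled (assumption; matches pre-8.0 defaults).
    auth = cfg.get("xpack.security.enabled", "false").lower() == "true"
    tls = cfg.get("xpack.security.http.ssl.enabled", "false").lower() == "true"
    # http.host overrides network.host for the REST API; the default bind is loopback.
    host = cfg.get("http.host", cfg.get("network.host", "_local_"))
    if not auth:
        findings.append("no-auth")
    if not tls:
        findings.append("no-http-tls")
    if not is_loopback(host) and not auth:
        findings.append("reachable-without-auth")
    return findings
```

Run against EXPOSED, all three checks fire; HARDENED returns an empty list.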
According to Safety Detectives’ blog post, the database contained “a ‘huge trove’ of sensitive personal information to the tune of 408GB and more than 318 million records in total.”
The exposed database contained profiles of over 11,651,162 Instagram users, 66,117,839 LinkedIn users, and 81,551,567 Facebook users. Around 55,300,000 Facebook user profiles were deleted within a few hours after Safety Detectives’ team discovered the vulnerable server.
Instagram users’ data included profile pictures, biographies, follower counts, location settings, and contact data, such as email addresses and phone numbers.
Leaked Facebook data included 40 million phone numbers, mostly from pages, and 32 million email addresses, as well as full names, About text, country, Messenger ID, Like, Follow, and Rating counts, Facebook and website links with profile pictures, and profile descriptions.
LinkedIn’s exposed data included full names, email IDs, user tags, job profile, seniority level and job title, LinkedIn profile link, domain name, and information on connected social media accounts such as Twitter.
Not the First Time
This, however, is not the first time that scraped data of millions of users has been leaked online. In December 2018, an unprotected Elasticsearch server leaked names and phone numbers of 267 million Facebook users.
In another incident, an unprotected database leaked phone numbers of 419 million Facebook users, including 133 million records from the US, 18 million from the UK, and 50 million from Vietnam.