MyEasyDocs is a Chennai, India based online documents verification platform whose Microsoft Azure server exposed data of over 57,000 students.
The team of IT security researchers at vpnMentor led by Noam Rotem identified a misconfigured Microsoft Azure server that exposed the personal and educational records of tens of thousands of students from India and Israel.
The exposed server belonged to Myeasydocs, an online data verification platform based in Chennai, India. Myeasydocs specialises in verifying documents related to banking, colleges, universities, goverment institutians and law enforcement agencies.
To verify, users are required to submit their records via Myeasydocs’ software which are then uploaded to the company’s cloud server. In this case, it was a Microsoft Azure server left exposed without any security authentication.
This means anyone with a slight bit of knowledge about finding unsecured databases on Shodan and other such platforms would have complete access to the exposed data which contained 30.5GB worth of files belonging to 57,400 Israeli and Indian students.
The breach we discovered was connected to an Israeli URL owned by a company that appeared to facilitate Indian students submitting documents to educational institutes in Israel and India.vpnMentor – Blog post
Upon analysing the trove of data, researchers identified following records:
- Full names
- Subject Majors
- Phone numbers
- Email addresses
- Dates of graduation
- National ID and university/college registration numbers and more.
The severity of misconfigured and exposed databases can be quantified by the fact that earlier this year, Anonymous and its affiliate group of hacktivists compromised around 90% of Russian cloud databases that were exposed to the public without any security authentication or password.
In Myeasydocs’ case, considering the extent and nature of exposed data, the incident could have far-reaching implications. Such as bad actors could download the data and carry out identity theft, phishing scams, scam marketing campaigns, and education related fraud including making fake university degrees, certificates and passes. The possibility of malicious use of such documents is endless.
It is worth noting that the exposed server was discovered on Feburary 2nd 2022 however the details of the incident were only shared today on June 9th, 2022. Nevertheless, the good news is that due to vpnMentor’s ethical approach the exposed server has been secured.
The researchers managed to inform the Israeli Cyber Emergency Response Team (CERT) and the impacted company. On Feburary 14th, 2022 the miscofigured Microsoft Azure server was secured and its IP addresses were no longer accessible to the public.
Misconfigured Databases – Threat to Privacy
Misconfigured or unsecured databases, as we know it, have become a major privacy threat to companies and unsuspected users. In 2020, researchers identified over 10,000 unsecured databases that exposed more than ten billion (10,463,315,645) records to public access without any security authentication.
In 2021, the number increased to 399,200 exposed databases. The top 10 countries with top database leaks due to misconfiguration in 2021 included the following:
- USA – 93,685 databases
- China – 54,764 databases
- Germany – 11,177 databases
- France – 9,723 databases
- India – 6,545 databases
- Singapore – 5,882 databases
- Hong Kong – 5,563 databases
- Russia – 5,493 databases
- Japan – 4,427 databases
- Italy – 4,242 databases
More database Mess Ups
- 9,517 unsecured databases identified with 10 billion records globally
- New malware attack turns Elasticsearch databases into DDoS botnet
- Stripchat database mess up exposes 200M adult cam models, users’ data
- US and China Exposed Most Databases Among 308,000 Discovered in 2021
- Misconfigured ElasticSearch Servers Exposed 579GB of Users’ Website Activity