Summary: While searching Shodan, I recently discovered an ElasticSearch database without any authentication. This database contained metadata related to a huge amount of emails. It was eventually confirmed that this server and the

Summary: Recently I discovered an improperly secured ElasticSearch database that contained personally identifiable information (PII) related to individuals who had received medical treatment at an addiction treatment center. This data appears to cover

Summary kanopy.com has been leaking huge volumes of website access logs as well as API logs via an exposed ElasticSearch database. The database was publicly accessible without any type of authentication. After

An ElasticSearch database (with Kibana front-end) was discovered. This server did not have any type of authentication. Numerous notifications have been sent to the email address indicated in the Google Store, but no

I didn't write up this leak here, but: https://www.zdnet.com/article/online-casino-group-leaks-information-on-108-million-bets-including-user-details/ and https://www.bleepingcomputer.com/news/security/online-casino-database-leaks-details-of-over-100-million-bets/ From ZDNet: "An online casino group has leaked