- Another unprotected elasticsearch database leaks data of millions of people, and this time it concerns high-profile individuals.
- The information contained in the database includes all details about PEPs around the globe, as well as their close associates, companies, and even relatives.
- The case is another indication of the irresponsibility and unreliability of information handlers and database owners.
According to a report by independent security researcher Bob Diachenko, there was a copy of a Dow Jones Watchlist dataset containing the records of 2.4 million high-profile individuals open for anyone to access until last week. The 4.4 GB of data was found on a public Elasticsearch cluster, and anyone could locate it by using IoT (Internet of Things) search engines. The Dow Jones Watchlist is a statistically accurate and up-to-date list of senior PEPs (Politically Exposed Persons) used by eight of the world’s ten largest Financial Institutions. PEPs are the people who have been entrusted with a prominent public function and are exposed to bribery and corruption risks due to their position and role.
All that said, this database contains information about people whose function is critical in the finance world, and by extension, the leaking of the particular data is a disaster for the affected individuals, as well as the whole system that is in place to detect illicit payments and money laundering activities. The database includes the following information:
- Global coverage of senior Politically Exposed Persons, their relatives, close associates, and the companies they are linked to.
- National and international government sanction lists and categories.
- Persons officially linked to or convicted of, high-profile crime.
- Profile notes from Dow Jones including citing Federal agencies and law enforcement sources.
According to Diachenko, the owners of the database took it down immediately after the report of the researcher, while they tried to downplay the incident by providing the following response: “This data is entirely derived from publicly available sources. At this time our review suggests, this resulted from an authorized third party’s misconfiguration of an AWS server, and the data is no longer available.”
Although this may be true, leaving such highly critical information that was neatly indexed open to access by anyone is an act of extreme irresponsibility. The PEPs who find themselves in the leaked list will now have a chance to reconsider their practices and avoid the detection of any shady transactions in the future.
We have already lost track of how many ElasticSearch databases were left open to public access since the beginning of the year. From the exposure of financial and banking documents to online casino player leaks, and AIESEC applicants’ personal information, the incidents keep on surfacing at a rate of an outbreak of carelessness. Owners and administrators of these databases need to take a much more responsible approach with the crucial data that they manage, as information like the Dow Jones Watchlist is a goldmine for those who have a use for it.