The trove of data was leaked due to a misconfigured Elasticsearch server and in total it stored 870 million records or 147 GB of data.
SafetyDetectives security team led by Anurag Sen shared details of a misconfigured Elasticsearch server that exposed the data of millions of loan applicants. The data mainly belonged to people from Ukraine, Kazakhstan, and Russia who had applied for microloans.
The server was detected randomly on December 5th, 2021, while checking certain IPs however the details of it have only been shared this week. The anonymous server was left unsecured and unprotected as it didn’t have any authentication protocols, which led to the leaking of more than 870 million records or 147GB of data.
Owner Identity Yet Not Available
SafetyDetectives couldn’t determine who owned the server. However, researchers noted that customer logs of numerous microloans providers’ websites were stored on the server, but most weren’t financial services like lenders or banks. Instead, these websites were of third parties that are intermediaries between the loan company and the applicant.
Most entries in the server’s logs were in the Russian language, while most data belonged to Russians. Therefore, researchers concluded that the server’s owner is a Russian entity.