The Telegraph newspaper exposed 10TB of subscriber data

The was exposed due to an unprotected cluster and remained open to public access without any authentication.

Well-known security researcher Bob Diachenko discovered a ‘Giant’ blunder made by media outlet The Telegraph after it exposed 10 terabytes of subscribers’ data.

According to Diachenko, the trove of records included subscriber information and server logs, while the data was exposed due to an unsecured Elasticsearch cluster, which remained unprotected throughout September, and was freely accessible without any authentication or password required to access it.

How did The happen?

According to the researcher, while most of the data was encrypted, personal details of around 1,200 subscribers/registrants of the media outlet were in clear text format, and a massive collection of internal server logs was also unprotected.

SEE: US Govt’s secret terrorist watchlist with 2M records exposed online

Diachenko notified The Telegraph about the leak the same day it was discovered, but he didn’t receive any response, so two days later, on 16 September , he shared the

Read More: