Late last week, CNET reported the data from tens of thousands of patients at multiple addiction rehabilitation centers, were exposed due to an unsecured online database. If you’re familiar with the current data breach trend this year, then you’ve probably already guessed what happened, another organization improperly secured their ElasticSearch Database.
An independent researcher (the same one who discovered Mountberg Limited’s misconfigured database) discovered Steps to Recovery’s Elasticsearch database exposed to the internet without any form of authentication. Unfortunately, this misconfiguration comes at the expense of almost 150k patients exposing their most sensitive medical information.
“Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible,” the researcher shared with CNET
These misconfigurations are often the result of a developer that was unaware of how to properly secure the storage asset, or a simple oversight. For example, a developer may have tweaked a storage container configuration as part of troubleshooting, leaving it open to the public. Once the application began working again, they moved on to another project completely forgetting about the exposed storage container. There are dozens of situations that may result in changes to a container’s configurations. Organizations are often made vulnerable because they don’t have processes in place to prevent or manage insecure software configurations and deployments.
Here are seven other orgs this year that have misconfigured Elasticsearch servers:
Organizations need continuous security and compliance in the cloud. A “trust, but verify” approach meaning companies can trust that their developers and engineers are provisioning and configuring cloud and container services appropriately, but they need to verify this relative to security, compliance, and governance policies. Simple truth – rate of change and the dynamic nature of software defined infrastructure has outstripped human capacity and organizations need to automate the process of verification. Where there is a policy violation, make it easy to automatically remediate so that the environments are always secure and compliant
Interested in learning more? Speak with a DivvyCloud expert today!
Watch DivvyCloud’s 60 second video to learn how we help customers like GE, 3M, Autodesk, Discovery, and Fannie Mae stay secure and compliant.
DivvyCloud minimizes security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud, and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes). First, our software performs real-time, continuous discovery of infrastructure resources allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.