Media publisher LADBible Group kept a huge employee database unprotected on the public internet, risking losing it to malicious actors.
This is according to a report from the Cybernews research team, which discovered a 4GB-heavy ElasticSearch instance with information on LADBible’s employees and business. The database included employee emails, social media profiles, current access roles, device IDs, and access to the LADBible Microsoft Enterprise Mobility + Security system login panel.
“Although the leaked data may initially appear unremarkable, it’s important to emphasize that obtaining this data through public channels would prove exceedingly challenging,” the researchers said. “This underscores the heightened reliability of the data we’ve stumbled upon.”
Ideal for social engineering
The database, they added, is a good starting point for threat actors looking to engage in identity theft, wire fraud, or social engineering. “Having access to this Elasticsearch instance would have provided an accurate and up-to-date list of employees, their emails, and access roles, among other things,” the researchers concluded.
LADBible is a globally recognized media publisher, with multiple publications under its umbrella, such as UNILAD, GAMINGbible, and Tyla. It claims to have more than a billion people for an audience. While LADBible Group remained silent on the matter, the database has since been secured. We don’t know if any unauthorized third party accessed it in the meantime.
Every now and then, cybersecurity researchers discover unsecured databases belonging to major companies around the world, holding plenty of sensitive information about their employees, partners, or clients. In mid-2021, the same research team (Cybernews) discovered more than 29,000 unsecured databases worldwide that were exposing over 19 petabytes (19,000 TB) of data online.
In March 2022, Check Point Research (CPR) analysts found 2,113 mobile applications whose databases were unprotected in the cloud and could be accessed by anyone with a browser.
