Sensitive Information of Millions of Panama Citizens Leaked

An unprotected Elasticsearch cluster exposed 3,427,396 records containing sensitive personal information on Panama citizens with “patient” labels, together with another 468,086 records labeled as “test patients.”

As Security Discovery researcher Bob Diachenko discovered during his investigation, the data was leaked because the Elasticsearch cluster storing it was not properly configured, allowing anyone with an Internet connection to access it using a web browser.

The publicly accessible Elasticsearch server hosted on Amazon AWS was discovered by the researcher using Shodan and, as historical data provided by the platform showed, the huge cache of sensitive data was first indexed on April 24th, 2019.

Read more at Bleeping Computer

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio