An unprotected Elasticsearch cluster exposed 3,427,396 records labeled “patient” that contained sensitive personal information on Panamanian citizens, together with another 468,086 records labeled “test patients.”
Security Discovery researcher Bob Diachenko found during his investigation that the data leaked because the Elasticsearch cluster storing it was not properly configured, allowing anyone with an Internet connection to access it using a web browser.
The researcher found the publicly accessible Elasticsearch server, hosted on Amazon AWS, using Shodan. Historical data provided by the platform showed that the huge cache of sensitive data was first indexed on April 24th, 2019.