Thomson Reuters leaked terabytes of sensitive data
The multinational media conglomerate, Thomson Reuters, left an open database with sensitive corporate and customer data, such as third-party server passwords in plaintext format.
Thomson Reuters left at least three databases open to the public, researchers at Cybernews claim. One of the open instances, the 3TB public-facing Elasticsearch database, held sensitive information across the company’s platforms.
Thomson Reuters provides users with products ranging from media services to tax automation systems.
According to the researchers, the logs in the open database contain sensitive information and could lead to supply-chain attacks if accessed by threat actors. For example, the open dataset held access credentials to third-party servers.
The open instance also contained login and password reset logs, SQL logs that show what information Thomson Reuters clients were looking for. The records also included what information the query brought back.
The researchers have also discovered that the open database included an internal screening of other platforms such as YouTube, Thomson Reuters clients’ access logs, and connection strings to other databases.
The open databases had over 6.9 million unique logs taking up over 3TB of server disk. Researchers theorize that the dataset could have been much larger. The data is estimated to be worth millions of dollars on underground criminal forums.