Contents:
The exposed data was kept on an exposed Elasticsearch cluster.
It’s important to note that while much of the data was encrypted, personal information of at least 1,200 Telegraph subscribers and registrants, as well as a massive trove of internal server logs, were in plain sight.
Full names, email addresses, device information, URL queries, IP addresses, authentication tokens, and unique reader IDs are all examples of subscriber data that have been exposed. Some Apple news subscribers’ or registrants’ passwords were also included in the database.
Bob Diachenko is the researcher who found the unsecured dataset. He stated that at least 1,200 unencrypted contacts were exposed without a password.
Documents Have Been Revealed
Many of these incidents, in particular, involve Apple News subscriber registration information, including unencrypted passwords.
As reported by BleepingComputer, the newspaper was promptly notified and informed of the breach, but it took them two days to respond and protect the database.
The greatest danger for those of you who may have been exposed as a result of this data leak is being scammed or phished through email.
The exposure of URL queries may pose a privacy concern because they may be used to reconstruct the users’ news platform viewing history.
The Telegraph’s repercussions are that non-subscribers may use stolen access tokens to access material behind its barrier, but this could be resolved with a reset.
We became aware of this discovery on 16 September and took immediate action to secure the data. An investigation showed that only a small number of records were exposed – less than 0.1% of our users and we have contacted all the users to advise them. The investigation also concluded that whilst the data was exposed it was not breached other than the discovery posted by the researcher. We are grateful for the work of independent researchers who responsibly disclose vulnerabilities and exposures and who are vital in our continued work to protect our assets.
The number of people affected, according to this statement, is 600, which is fewer than what Diachenko saw exposed. According to the Telegraph, none of them are at risk of being exploited because Diachenko was the first and final individual to access the sensitive material.
First Beeline, now https://t.co/qxvJYTMoOY [@Telegraph] … 10+Tb of data exposed, incl. subscribers info (email, name, IP, device info, tokens). Please reply asap. Emails have been sent.
— Bob Diachenko (@MayhemDayOne) September 16, 2021
Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.
