The French daily newspaper Le Figaro has exposed about 7.4 billion records containing personally identifiable information (PII) of employees, reporters, and at least 42,000 users.
The database, discovered by the Safety Detectives security team led by researcher Anurag Sen, also included data from accounts registered between February and April 2020, as well as access records from the same period.
“Hosted on an Elasticsearch server owned by Poney Telecom in France, the leaked database contained more than 8TB of data, approximately 7.4 billion records. The server was live at the time of our investigation, leaking Personally Identifiable Information (PII) data from people accessing private accounts on the Le Figaro news website, and in some cases, their login credentials as well,” SafetyDetectives told Cyber Security News.
Le Figaro was founded in Paris in 1826 and is the oldest newspaper in France. Its online portal is also one of the most visited websites in France.
What Has Been Leaked?
The Safety Detectives team discovered that a server used by the Le Figaro website, hosted in France, was not protected by a password.
This server keeps an archive (“log”) of many reader interactions with the site, a standard practice for most websites, intended to improve the user experience.
Because access to the server was not protected, 8TB of data was freely accessible. The vast majority of the data was technical information, but the files also contained personal information such as names, email addresses, and even passwords. Some passwords were stored in the clear and unprotected, while others were protected by an MD5 hash, a well-known protection scheme but not a very robust one.
The exposed PII data includes:
- Full names.
- Home Addresses.
- Passwords for new users, in cleartext and hashed with MD5.
- Countries of residence and zip codes.
- IP addresses.
- Internal server access tokens.
The database's API records covered users who registered a subscription account on the Le Figaro website from February to April 2020, along with pre-existing users who connected to their accounts.
The database also contained technical records that could give an attacker valuable information about Le Figaro's infrastructure, including SQL query errors, traffic between different servers, communication protocols, and much more.
Safety Detectives believes that the leak could be connected to the AGORA system used by Le Figaro as its CRM, and that it was accidentally exposed due to a misconfigured Elasticsearch cluster. The most worrisome thing is that the database was completely exposed to the public and accessible to anyone without the need for a password.
Steps to Prevent Your Data from Being Exposed:
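The logs described above held cleartext passwords, email addresses and access tokens. As an added example (not code from Safety Detectives or Le Figaro), the following Python redacts such fields from a log record before it is shipped to a log store; the field names and the sample record are assumptions, since the article does not give the log schema.

```python
import json
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed field names: the article does not publish the log schema.
SENSITIVE = {"password", "passwd", "token", "access_token", "authorization",
             "email", "full_name", "address", "zip"}
REDACTED = "[REDACTED]"

def scrub_url(url):
    """Redact sensitive query parameters inside a logged URL."""
    parts = urlsplit(url)
    if not parts.query:
        return url
    pairs = [(k, REDACTED if k.lower() in SENSITIVE else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs, safe="[]")))

def scrub(value, key=None):
    """Recursively redact sensitive fields in a parsed log record."""
    if key is not None and str(key).lower() in SENSITIVE:
        return REDACTED
    if isinstance(value, dict):
        return {k: scrub(v, k) for k, v in value.items()}
    if isinstance(value, list):
        return [scrub(v) for v in value]
    if isinstance(value, str):
        # Request bodies are often logged as a JSON string; scrub inside them.
        if value.lstrip().startswith(("{", "[")):
            try:
                return json.dumps(scrub(json.loads(value)))
            except ValueError:
                pass  # not JSON after all, fall through
        if re.match(r"https?://", value):
            return scrub_url(value)
    return value

# Constructed sample record, not data from the incident.
SAMPLE = {
    "ts": "2020-03-01T10:00:00Z",
    "url": "https://example.test/api/register?token=abc123&lang=fr",
    "request_body": '{"email": "reader@example.test", "password": "hunter2", "plan": "premium"}',
    "user": {"full_name": "Jane Doe", "country": "FR", "zip": "75001"},
    "status": 200,
}

if __name__ == "__main__":
    print(json.dumps(scrub(SAMPLE), indent=2))
```

Redaction at the logging layer limits what an exposed log store can reveal; it does not replace authentication on the store itself.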
- Always be cautious while sharing your information.
- Always check whether the websites you are visiting are secure.
- Always create or use strong passwords.
- Do not click any unknown links.
- Avoid saving your credit or debit card information on any online portal.
- Always double-check your social media accounts to secure your privacy.