
For more than a year, shoemaker Ecco has been running a misconfigured database that exposed vast amounts of sensitive information to anyone who knew where to look.
This is according to a report from Cybernews, whose research team recently identified 50 Ecco indices that are publicly accessible. In total, the database holds more than 60GB of sensitive data that has been exposed since June 2021.
“Millions of sensitive files, ranging from sales to system information, were accessible. Anyone with access could view, edit, copy and steal or delete data,” the researchers said.
API request
Although Ecco has since been working on the issue, it did not comment on Cybernews’ findings. The database now appears to be locked, the researchers said.
While scanning the web for insecure and misconfigured databases, the research team found an exposed instance hosting Kibana, the visualization dashboard for Ecco’s ElasticSearch cluster. As the researchers explain, Kibana is used to query and visualize the information stored in ElasticSearch.
The instance hosting the dashboard is protected by HTTP authentication, but the server is misconfigured so that API requests pass through without it. Through this gap, the researchers looked up index names on Ecco’s ElasticSearch and found 50 public indices holding more than 60GB of data.
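The pattern described above, an HTTP-authenticated dashboard whose API paths are proxied without that authentication, is easy to reproduce by accident in a reverse proxy. The following nginx fragment is an added illustration, not Ecco’s configuration or anything from the Cybernews report; the host name, upstream address and htpasswd path are placeholders. The first server block shows the weak layout, the second the corrected one:

```nginx
# Added example, hypothetical reverse proxy in front of a Kibana instance.
# Not Ecco's configuration; names and paths are placeholders.

# BEFORE (weak): auth_basic is set only inside "location /". A sibling
# "location /api/" block does not inherit it, so every request under /api/
# is proxied to Kibana with no credentials at all, even though the UI
# itself prompts for a password.
server {
    listen      443 ssl;
    server_name kibana-before.example.internal;   # placeholder

    location / {
        auth_basic           "Kibana";
        auth_basic_user_file /etc/nginx/htpasswd; # placeholder path
        proxy_pass           http://127.0.0.1:5601;
    }

    # Typically added "so the dashboard's own API calls work" and never
    # given auth_basic: this is the unauthenticated API path.
    location /api/ {
        proxy_pass http://127.0.0.1:5601;
    }
}

# AFTER (corrected): auth_basic is declared at server scope, so every
# location, including /api/, inherits it. Nothing reaches Kibana, and
# through it the cluster, without a valid credential.
server {
    listen      443 ssl;
    server_name kibana-after.example.internal;    # placeholder

    auth_basic           "Kibana";
    auth_basic_user_file /etc/nginx/htpasswd;     # placeholder path

    location / {
        proxy_pass http://127.0.0.1:5601;
    }

    location /api/ {
        proxy_pass http://127.0.0.1:5601;         # now authenticated too
    }
}
```

Two caveats apply when reviewing such a setup. First, a password prompt on the dashboard proves nothing about the API: verify that an unauthenticated request to an `/api/` path on your own proxy returns 401 rather than data. Second, proxy-level authentication only protects the Kibana front door; if the ElasticSearch HTTP port (9200 by default) is reachable from outside, the indices are exposed regardless, so the cluster should be bound to a private address and run with ElasticSearch’s own authentication enabled rather than relying on the proxy alone.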
The researchers said the data contained a variety of sensitive information, from sales and marketing to logging and system information. An index sales_org contains over 300,000 documents. A directory called market_specific_quality_dashboard has over 820,000 records.
They further explained that threat actors could exploit the database in a number of ways: the exposed code, names, and URLs could be altered and used to run phishing campaigns, carry out identity theft, or trick people into running malware and ransomware.
What’s more, the database is not for local Ecco outposts but for the global ecco.com site. In the hands of experienced cybercriminals, these files could become a primary tool for attacks on a global scale against Ecco stores, their employees, and their customers and clients.