A database found on ElasticSearch containing 257,287 legal documents was discovered on ElasticSearch and was able to be accessed with no password. It is believed that the database is managed by LexSphere, a legal services company who provides its resources to LexVisio law firm. The problem arose because many of the records are exclusively shared between lawyers and the court, and were labeled as “Not Designated for Publication.” Thankfully, after two weeks the database was secured, but that does not mean it couldn’t have already been tampered with. The researcher who discovered the open database stated, “Danger of having exposed Elasticsearch or similar NoSQL databases is huge. I have previously reported that the lack of authentication allowed the installation of malware or ransomware on the MongoDB servers. The public configuration allows the possibility of cybercriminals to manage the whole system with full administrative privileges.”
Analyst Notes
Since it is unclear what information was contained in the database and if it was accessed with malicious intent, it is hard to determine what will be done with it. Until more information is uncovered, users should simply monitor personal accounts for any suspicious activity.
