The Dow Jones watchlist was found by a researcher to be residing in an open Elasticsearch database. The entire amount of data contained 2.4 million records for criminals, national and international sanction lists and politicians. The data is designed to help people and companies to identify risks when looking into a particular person. All of the information included in this dataset was from all open source resources, meaning all the information was public to begin with. With this dataset though, it becomes more dangerous because it is all located in one place, making it easier for criminals to get their hands on the information rather than searching for it. The exposed information is believed to be from a misconfigured AWS Database. The sensitivity of this information according to Dow Jones is very high, and some have called it very “careless and irresponsible” that it was left open.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased