SkyMed is a company that has been providing emergency evacuation services for the past 30 years. It was uncovered on March 27th that an Elasticsearch database which contained customer information had been left open, giving anyone with an internet connection the ability to not only view the data, but edit, download, and delete it as well. Almost 137,000 records were contained and information like full names, addresses, date of birth, email addresses, phone numbers, and some entries including medical information was exposed. On top of all the data being exposed, researchers also discovered that the database may have been infected with ransomware as well. Although the strain is unknown at this time, there appeared to be a ransom note titled “howtogetmydataback.” The database ended up being closed on April 5th even though SkyMed was not responsive when asked to comment about the situation.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that