8.4TB of Email Metadata Exposed by ElasticSearch Database
CYBER NEWS

8.4TB of Email Metadata Exposed by ElasticSearch Database

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

A database containing 8.4 TB of email metadata was left exposed to the internet. The database belonged to a major Chinese research university. The good news is that it is now secured.

While searching Shodan, security researcher Justin Paine, who is the director of trust and safety with Cloudflare, came across an ElasticSearch database without any authentication. The database contained metadata related to a huge amount of emails.




Shanghai Jiao Tong University’s Email Metadata Exposed

It was eventually confirmed that this server and the email metadata was controlled by a large university located in China, the researcher shared in a blog post. Fortunately, the university’s security team responded promptly and took action to secure the data. However, the researcher believes that the university hasn’t notified the impacted students.

The database belongs to Shanghai Jiao Tong University which is known as ‘The MIT of the East’ since the 1930s.” The university has approximately 41,000 students covering their undergrad, masters, and Ph.D. programs.

As for the data that was left exposed, the researcher says the following:

9.5 billion rows of data which translates to 8.4TB of data. This was email metadata that appears to have been from a popular self-hosted email platform named Zimbra. The database was also growing significantly in size at the time it was secured. On May 23rd I observed the database the database was only 7TB in size, and May 24th the database had grown to 8.4TB.

Related: Database Exposed Details of 49 Million Instagram Users


What was in the database?
A large amount of the university’s email metadata consisting of information of senders, destinations and time of the emails. An attacker could abuse the data to locate emails that are sent or received by a specific individual. Furthermore, the exposed data also included the IP address and user agent of the person checking the email.

Using this metadata I could see the high level details of a specific email exchange such as which email address was sending or receiving an email from a different email address.

This enabled the researcher to locate all the IPs used and device type of every individual.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...