Cognyte jeopardized its database exposing 5 billion records, including earlier data breaches

21-Jun-2021

Cognyte has surfaced in reports over a database protection failure that exposed 5 billion records, which were also part of previous data breaches. Cognyte, a cybersecurity analytics company, was found responsible for leaving a huge database of compromised data unprotected, causing more than 5 billion records to be exposed online.

The stored data is part of the intellectual property of the Cognyte network and is used to provide customers with third-party data.

“Ironically, the database used to cross-check that personal information with known breaches was itself exposed. The information included names, passwords, email addresses, and the source of the leak,” Comparitech wrote in a report.

Bob Diachenko, head of Comparitech's security investigation, discovered the exposed data on May 29 and notified Cognyte, which secured it three days later.

“Thanks to the information provided by the security researcher, Volodymyr “Bob” Diachenko, Cognyte was able to respond to and block a potential exposure rapidly,” Cognyte said in a statement to Comparitech.

Course of events

The data was exposed for four days. This is what we know happened:

  • May 28, 2021: The database was indexed by search engines.
  • May 29, 2021: Diachenko discovered the database and immediately notified Cognyte per our responsible disclosure policy.
  • June 2, 2021: Cognyte secured the data.

We do not know whether other third parties accessed the data during the exposure period or how long it was exposed before being indexed by search engines. Our honeypot experiments show that attackers can find and access exposed data within a few hours.

What data was compromised?

The data was stored on an Elasticsearch cluster. In total, it contained 5,085,132,102 records. Each contained all or some of the following data:

Name, Email address, Password, Data source

Not all of the data breaches from which the data was sourced included passwords; however, we could not determine an exact percentage of records that contained a password.

According to Comparitech's report, some of the data belonged to high-profile data breaches, for example:

  • Zoosk
  • Tumblr
  • Antipublic
  • MySpace
  • Canva
  • Verification.io
  • iMesh
  • Edmodo
  • VK
  • Exploit
  • Master Breach Comp
  • Rambler
  • Onebip
  • Scentbird
  • Appen.com
  • Toondoo
  • Wishbone
  • Wattpad
  • Mathway
  • Promo.com
  • MGM
  • Estante (Brazilian book shop)

According to the report, the blog post detailing the data breach explained that exposed passwords might be one of the underlying concerns: even if users change their password on one account, attackers may still be able to use that password to try to log in to another account if it is being used for more than one account.