Bing broke out a rare network security vulnerability. Employees exposed the back-end servers on the Internet. More than 6.5 TB of log files were exposed, including 13 billion records from Bing search engine.
The leaked server is identified as elasticsearch, an advanced system in which companies aggregate large amounts of data to easily search and filter billions of records. Microsoft has acknowledged the error, saying, “we’ve fixed the misconfiguration that caused a small number of search query data to be exposed. After analysis, we have determined that the data disclosed is limited and unrecognizable. “
Bing 6.5 TB data exposed
Bing is a search engine launched by Microsoft in 2009. As early as 2013, Bing has become the second largest search engine in North America and one of the world’s leading search engines.
On September 12, ATA hakcil, a security researcher at wizcase, found that Bing’s elasticsearch server exposed more than 6.5 TB of log files. He verified his findings by finding the search queries he performed in Bing Android applications in the server logs.
In addition to device and location details, the data also includes the exact time the search was performed using the mobile app, a partial list of URLs that users access from the search results, and three identifiers, such as Adid, devicel, and devicehash.
According to wizcase, elastic servers are thought to be password protected, but authentication seems to have been inadvertently removed after September 10. After secretly disclosing the investigation results to Microsoft Security Response Center, they resolved the misconfiguration problem on September 16.
Elastic server has been attacked many times
In recent years, misconfigured servers have been a persistent cause of data leakage, resulting in the disclosure of users’ email addresses, passwords, phone numbers and private messages.
The server was also subjected to at least two “meow attacks,” an automatic network attack that has cleared data from more than 14000 insecure database instances since July without any explanation.
Chase Williams of wizcase said: “based on the huge amount of data, it can be inferred that anyone who uses a mobile app to search Bing after the server is exposed is at risk. We’ve seen searches from more than 70 countries. “
Although the leaked server did not disclose names and other personal information, wizcase warned that the data could be used for other nefarious purposes, and would allow criminals to locate their whereabouts, thereby exposing users to personal attacks.
Whether it is searching for adult content, extreme political views, or even any other information, as the server provides all the detailed information, once the hacker has carried out a search query, it is possible to find the identity of the user, which makes them easy to be blackmailed.
There are various reasons for data leakage, such as the administrator forgetting to set the password, the firewall or the VPN system suddenly crashes, exposing the internal servers usually used by the company. Or companies copy production data to test systems that are not as well protected as their primary infrastructure.
Different units and organizations have their own network information center to ensure the security of important data in Information Center and network center computer room, but there are always some unsolved security problems. The most important thing for network security is that enterprises and responsible employees attach great importance to it, and have a complete security system.