Le Figaro Exposes 7.4 Billion Records

French newspaper Le Figaro has come under fire following a data leak that exposed roughly 7.4 billion records of its staff and readers. The leak, which was attributed to human error, involved personally identifiable information (PII) of reporters, employees, and at least 42,000 of its users.

According to a report from Bleeping Computer, an unsecured database belonging to Le Figaro was found by security researcher Anurag Sen, along with his Security Detectives team. The database, which contained over 8TB of data, became publicly accessible due to a misconfigured Elasticsearch server.

Records found in the database included PII of new accounts registered between February 2020 and April 2020, along with records of pre-existing accounts that logged in during that period.

Le Figaro Data Leak

The exposed PII included emails, full names, home addresses with countries of residence and ZIP codes, IP addresses, server access tokens, and passwords of new users, both in cleartext and hashed with the unreliable MD5 algorithm.

Aside from these, technical logs with information on the newspaper’s backend servers and other related info were also present in the database.

According to the security team, all of this exposed data makes Le Figaro an easy target for threat actors.

"Finally, and most worrisome of all, the database was completely exposed to the public – with no password required to access it. Anyone with the knowledge of the database’s IP address could have gained access."

Once a cybercriminal gets access to this information, it becomes easier to launch successful attacks, such as follow-on phishing or identity fraud, against the organization and the individuals impacted by the leak.

“The exposed database was an excellent asset for anyone trying to attack Le Figaro’s backend systems. It could be leveraged in further cyber-attacks against the company, or to expose other flaws in their system, which could put both the company and its users at risk,” the researchers added.

Founded in 1826, Le Figaro is known as the oldest and largest national newspaper in France. It was recently dubbed “the most visited news site in France” following statistics published by Médiamétrie / NetRatings showing that the site has more than 23 million monthly visitors.

The incident is the latest addition to the list of publicly accessible, misconfigured, and unsecured Elasticsearch servers found online by security teams.
