DarkBeam, a digital risk protection firm, inadvertently left an Elasticsearch and Kibana interface unprotected, resulting in the exposure of records from previous and unreported data breaches. This data leak has provided cybercriminals with access to user emails and passwords, presenting them with nearly limitless attack capabilities. The leaked data includes collections of login pairs, making it particularly dangerous for individuals as it can enable malicious actors to carry out targeted phishing campaigns. While previous leaks have occurred, this compilation of data poses a significant threat to affected users. DarkBeam has yet to respond to inquiries about the incident.
https://securityaffairs.com/151566/security/darkbeam-data-leak.html