Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Top global network service provider apparently leaks hundreds of millions of user accounts

An abstract image of a cloud raining data.

A top global network service provider kept a database with sensitive internal and customer information unlocked on the internet, available to anyone who knew where to look. 

The breach was discovered by cybersecurity researcher Jeremiah Fowler, who reported it to its operator, who subsequently locked it down.

The company in question is Zenlayer, a global network services provider with more than 290 data centers across the world, and offices in Mumbai, Singapore, Hong Kong, and elsewhere.

Valuable data for hackers

Fowler found a non-password protected database with 380 million records, including Zenlayer internal data and customer information. The database, Fowler says, contained a “considerable number” of server, error, and monitoring logs, “that detailed internal information and customer data”.

Among the database’s files were folders with logging records labeled as “application”, “dashboard”, “vendor”, “notification”, “messaging”, “project management”, “workflow”, and “security”.

In one instance, Fowler found a name of a person that might be a dedicated salesperson within Zenlayer, assigned to specific accounts. In another, he found customer records of a company “described as a leading provider of international capacity for telecom carriers in Russia”. He also saw registration and filing documents which suggested the company was owned, in part, by a Russian state-controlled entity that was sanctioned by the West.

He also saw logs indicating VPN records and numerous IP addresses which, Fowler speculates, could be used by threat actors to map the network, identify potential targets, and plan for a future cyberattack.

While Zenlayer locked the database down as soon as Fowler reached out, the company never got back to him with any details. At press time, we didn’t know just how long the database went unprotected, or if anyone, potentially a malicious player, accessed it before. We also don’t know how many people, or organizations, could be affected by this misconfiguration. We have reached out to Zenlayer with a few questions and will update the article if we get a reply.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.