A hacker has wiped, defaced more than 15,000 Elasticsearch servers

Got one or more Elasticsearch servers running? Time to check if they’re exposed…:

[…] Furthermore, while looking into this issue, Wethington also identified a second hacker who is also targeting Elasticsearch servers. This attacker is breaking into unsecured servers and leaving a message telling victims they’ve been hacked and urging them to reach out via email. Currently, only 40 servers have this message, suggesting the attack is small in scale.

[…]

Original Article