Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack.

https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/

The Cybernews research team found that Thomson Reuters left at least three of its databases accessible for anyone to look at. One of the open instances, the 3TB public-facing ElasticSearch database, contains a trove of sensitive, up-to-date information from across the company’s platforms. The company recognized the issue and fixed it immediately.
Thomson Reuters provides customers with products such as the business-to-business media tool Reuters Connect, legal research service and database Westlaw, the tax automation system ONESOURCE, online research suite of editorial and source materials Checkpoint, and other tools.
The size of the open database the team discovered corresponds with the company using ElasticSearch, a data storage favored by enterprises dealing with extensive, constantly updated volumes of data.

Interesting, thanks for the info, I wonder if they will face legal issues over horrific mistake.

I never get my head around that hese companies who earns billions can't even hire a decent cyber security team.
Almost as they are begging to be hacked.

(October 28, 2022, 12:49 PM)MikroSub Wrote: I never get my head around that hese companies who earns billions can't even hire a decent cyber security team.
Almost as they are begging to be hacked.

It is less about hiring a good team and more about paying them a fair wage, giving them the respect they deserve, etc. A lot of these companies have great security teams but their work morale is 0, thus they just don't care.

(October 28, 2022, 01:23 PM)Mishka Wrote:

(October 28, 2022, 12:49 PM)MikroSub Wrote: I never get my head around that hese companies who earns billions can't even hire a decent cyber security team.
Almost as they are begging to be hacked.

It is less about hiring a good team and more about paying them a fair wage, giving them the respect they deserve, etc. A lot of these companies have great security teams but their work morale is 0, thus they just don't care.

Yeah, you got a valid point there, but in the end, it comes down to their own fault.
These things don't happen if the morale is up, they must have a crappy management team.

interesting info

thank you dude

(October 28, 2022, 01:23 PM)mishka Wrote:

(October 28, 2022, 12:49 PM)MikroSub Wrote: I never get my head around that hese companies who earns billions can't even hire a decent cyber security team.
Almost as they are begging to be hacked.

It is less about hiring a good team and more about paying them a fair wage, giving them the respect they deserve, etc. A lot of these companies have great security teams but their work morale is 0, thus they just don't care.

100%. Underfunded, overworked, and constantly trying to explain importance to retarded middle management. Executives don't give a fuck until shit like this happens then wonder what went wrong.

How come this huge companies never invest in good security?

(October 28, 2022, 02:13 PM)blu3spirit Wrote:

(October 28, 2022, 01:23 PM)mishka Wrote:

(October 28, 2022, 12:49 PM)MikroSub Wrote: I never get my head around that hese companies who earns billions can't even hire a decent cyber security team.
Almost as they are begging to be hacked.

It is less about hiring a good team and more about paying them a fair wage, giving them the respect they deserve, etc. A lot of these companies have great security teams but their work morale is 0, thus they just don't care.

100%. Underfunded, overworked, and constantly trying to explain importance to retarded middle management. Executives don't give a fuck until shit like this happens then wonder what went wrong.

Exactly my point, you can have the best team in the world and it won't make a difference if you pay them less than a Walmart employee and treat them worse than in a Amazon shipment center.