France suffered a massive data breach that affected 95 million people, including phone numbers, email addresses and partial payment information. The leak occurred due to an accidentally exposed Elasticsearch database that was accessed without authorization.
An unknown actor collected personal information from various data breach incidents in France and stored it in a single database. Cybersecurity expert Bob Dyachenko discovered an open Elasticsearch server containing more than 95 million records. This server was not properly secured and contained data originating from various known security breaches such as Lycamobile, Pandabuy, Snapchat and others.
The data leak includes names, phone numbers, IP addresses and partial payment information, putting millions of people in France at risk. The database was likely collected from various incidents without proper legal basis and left open due to misconfiguration.
Elasticsearch is a real-time data analytics tool. However, in this case, the database remained open without authorization. The breach spans multiple sectors such as telecommunications, e-commerce and social media, making this incident particularly serious for security.
Affected companies and organizations should strengthen their cybersecurity measures and ensure GDPR compliance to avoid similar leaks in the future.https://www.instagram.com/accounts/password/reset/