cybernews investigation team discovered an insecure, publicly accessible Kibana ElasticSearch database dashboard containing confidential data from the French software company Apodis Pharma.
Apodis Pharma is a company that provides digital supply chain management platforms and other software solutions for pharmacies, medical institutions, pharmaceutical laboratories and medical insurance companies. The drug sales data discovered by the
pharmaceutical company includes the detailed information of the drug sales data warehouse, including the drug sales data.
On November 17, Apodis Pharmaceuticals closed the database, and the public can no longer access the database. What is in the
database?
The insecure Apodis Pharma ElasticSearch database contains seven unique indexes, including:
confidential drug shipment data, shipment storage status, the exact time and place where the seller or distributor picks up the goods, and the archives of the number of drugs shipped.
More than 25,000 partner and customer organizations, such as pharmaceutical laboratories and pharmacies, served by Apodis Pharmaceutical Distribution Platform.
The two product files stored in Apodis Pharmaceutical Customer Warehouse contain 17,324,382 entries and 32,960,114 entries, respectively. The archive includes product data, such as product quantity and ID, and warehouse data.
Confidential product sales data file, containing 17,556,928 quarterly entries, including sales date, location, price, and the number of sales between Apodis pharmaceutical customers (such as pharmaceutical laboratories and pharmacies).
A user data file containing 4436 entries, including what appears to be the full names of Apodis Pharmaceuticals’ customers, partners, and employees.
Visualization and analysis of consumer and customer data, including consumer gender statistics, and possibly confidential customer sales and warehouse inventory charts.
stores confidential customer and patient data on publicly accessible servers on a global scale without any type of authentication process, which is very dangerous, especially for pharmaceutical-related organizations.
Who has access to the database?
At the time of writing this report, it is not clear who has access to the public Apodis pharmaceutical database.
However, the database has been indexed on at least one popular Internet of Things search engine, which means that there is almost no doubt that the data has been accessed and downloaded by external parties for potentially malicious purposes.
What is the impact of the Apodi Pharmaceutical Company’s leak?
Unauthorized access to the database by malicious actors will not only cause huge losses to Apodis Pharmaceuticals' customers, but also cause huge losses to countless unsuspecting patients across France. The
attacker may leak confidential information, seriously damage the trust of the company, or blackmail Apodis Pharma and its customers by hijacking the database and taking it hostage.
Malicious actors intending to disrupt the French pharmaceutical supply chain may interfere with the names, prices, addresses and product IDs of customers and patients, causing widespread confusion, confusion and (potential) drug shortages in more than 25,000 laboratories and warehouses , And pharmacies all over France. The
intruder can download the database and sell it to a competitor of Apodi Pharmaceuticals customers, who will be able to make business decisions based on the confidential information found in the database.
"Unfortunately, server-side data leaks like this are still common today. Although some companies may think that making their Kibana dashboards open to the public is no big deal, 1.7 terabytes of information is a big deal for cybercriminals. Very attractive target. Malicious actors take the opportunity to steal or blackmail such a large amount of company data. After noticing a misconfiguration, they can start investigating the company’s other defensive measures, looking for other more profitable blind spots, which may cause The damage is more serious than the initial leak. This is why all organizations—from small businesses to the largest multinational corporations—should make sure to strengthen their cyber defenses before it’s too late.”
[Source: securityaffairs.co】
