Zenlayer leaks over 380 million records due to misconfigured cloud database
A cybersecurity researcher uncovered a critical data leak involving ZenLayer, a prominent provider of on-demand cloud services. ZenLayer, with its headquarters in Los Angeles and Shanghai, is recognized for offering an array of connectivity solutions like SD-WAN, CDN, and cloud services, and operates over 290 data centers worldwide.
This data leak stems from a misconfigured cloud database that was not protected by a password, exposing over 380 million records, encompassing both internal company data and sensitive customer information.
The exposed database, containing 384,658,212 records and totaling 57.46 GB, included:
- access and secret keys
- access logs that record server requests
- error logs that capture issues encountered by the server
- security logs detailing security events
- system logs covering system-level events
- VPN records revealing numerous IP addresses
- customer names
- customer email addresses
- customer phone numbers
- billing methods
- customer business names and employee numbers
- customer company registration details that pointed to a telecom firm partially owned by a sanctioned Russian entity suspected of engaging in BGP hijacking.
Fowler, the researcher, immediately sent a responsible disclosure notice to ZenLayer. The company did not initially respond, although the misconfiguration was rectified the following day and public access to the database was closed off. The company has since acknowledged the data leak and is reportedly working with Fowler to investigate the breach further.
The duration for which the database remained exposed and whether it was accessed by unauthorized parties remain uncertain. The full extent of the impact and the number of individuals affected by the ZenLayer data leak are yet to be determined.