Cybernews reports that more than 40 million SMTP records, including email addresses and traffic metadata from leading corporations DHL, L'Oreal, Renault, and Hermes, have been inadvertently exposed by French email solutions firm Alinto as a result of an unprotected Elasticsearch cluster.Also leaked by the misconfigured cluster which is hosted by a server that also caters to Alinto's Cleanmail.eu email security relay solution and has since been secured by Alinto were at least 14,000 unique French government email addresses, including those belonging to municipalities, government agencies, and embassies around the world, according to Cybernews researchers. While no email content has been compromised, threat actors could conduct cross-referencing for targeted intrusions."Since Alinto offers email management solutions, when they expose client company email traffic, the potential attack surface becomes much bigger from the amount of client companies alone compared to leaking email traffic of a couple of companies communicating with each other," said researchers.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




