The protection of users’ data and information on the internet is a very sensitive issue. However, despite this, still very simple mistakes can be made by companies and millions of users’ data can be compromised.
User data was exposed because a browser firm left the Elasticsearch server unintentionally on the Internet. Estonian Blisk is the browser company that caused the disclosure of user data. The name of the browser developed by the company has the same name as the company.
The name of the Blisk browser based on Chromium may not sound familiar to you. We can say that the browser is a byproduct designed for web and application development communities. Blisk offers its users advanced developer tools support, device preview feature and project compatibility tools.
Used by more than 40 thousand companies
The browser, which was published in May 2016, managed to attract attention in the web development market. According to the information on the website, more than 40 thousand companies use the Blisk browser and among these companies are companies such as HP, Xerox, NASA, Unicef, UEFA, Vice News.
Moreover, this is not the first security problem the company faces. A data security issue arose in December of last year. Two researchers of vpnMentor, Noam Rotem and Ran Locar, stated that the company’s Elasticsearch server was exposed.
The researchers said they found personal information from thousands of web developers, in a statement to ZDNet. The information of these web developers was registered on Blisk’s website and browser. A total of 2.9 million records, 3.4 GB in size, arose.
vpnMentor stated that they informed Blisk on December 4 and that the next day the server was re-secured. The Blisk team, on the other hand, confirmed the leak event and stated that sensitive data did not appear in this leak. vpnMentor said that the data can be highly functional for an attacker.