Database belonging to Shanghai Jiao Tong University was exposed which led to exposure of 8.4TB of email metadata after failing to implement basic authentication demands.
The exposed server was discovered on May 22, 2019, by Cloudflare Director of Trust & Safety Justin Paine. Paine described in the Rainbowtabl.es security blog that he found the ElasticSearch database through a Shodan search.
The open database consists of 9.5 billion rows of data which was active during the time of discovery as its size increased from 7TB on May 23 to 8.4TB the next day.
Shanghai Jiao Tong University is a large academic institution based in China and the university caters for over 41,000 students in undergraduate to Ph.d. capacities.
The information in the database was packaged up through Zimbra which is a popular open-source email solution used by over 200,000 businesses worldwide.
According to the researcher, the bulk email cache related to email sent “by a specific person,” included the IP addresses and user agents of those checking their email.
The email threads between specific users were seen but it is important to note that only the metadata was involved and neither subject lines or email body content was exposed.
After discovering the leak, Shanghai Jiao Tong University was notified of the open server and the leak was plugged within 24 hours. It is believed that the impacted students were not notified regarding the issue.