On Friday, January 18, security researcher Justin Paine discovered an open, unprotected database on an Elasticsearch server. Data on 108 million users of an online casino group was freely accessible. The group includes sites such as kahunacasino.com, azur-casino.com, easybet.com and viproomcasino.net.
These companies use Elasticsearch servers to improve their web applications and search capabilities. Such servers must be securely protected and kept offline, because they often hold a company's most important data, usually client transactions and other personal user data. They are normally installed on internal networks and are not meant to be exposed to the Internet, since they process the most confidential information.
Justin Paine analyzed the URLs found on the server and concluded that they all came from one large company or partnership scheme. The URLs were used to operate several online casino betting portals. Not all of the exposed domains belonged to the same company. However, all of the companies were registered in the same building in Limassol, Cyprus, and all of them use the same eGaming license issued by a government in the Caribbean. This suggests that they all belong to the same parent company.
The user data on the open server includes home addresses, names, email addresses, account balances and each user's full game history. Paine also found about 108 million records containing information on current bets, winnings, deposits and withdrawals. All details of the players' payment cards are also included in the deposit and withdrawal data.