More than a million records with comprehensive user data were leaked.
Around a million Russian households may have had their credentials, logs, network configurations, and other sensitive details leaked following the compromise of a network equipment database.
According to Cybernews researchers, more than 1.03 million records with comprehensive user data and 929,501 records with device information were leaked following the compromise of network equipment vendor Keenetic's Mobile App database.
The breach also exposed 558,371 device configuration records and service logs with more than 53.8 million records.
"This incident highlights the importance of secure development and hosting practices within supply chains,” said researchers. “All vendors, including Keenetic, and their development partners, need to implement stringent data protection protocols, as this leak painfully demonstrates.
Researchers emphasised the potential exploitation of exposed admin credentials to escalate privileges and facilitate malicious firmware deployment.
However, Keenetic, which confirmed addressing the unsecured database two years ago, shared the low odds of any malicious activity stemming from the exposure.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
