A hacker has wiped, defaced more than 15,000 Elasticsearch servers
Found on ZD Net on Monday, 06 April 2020
The attacks appear to be carried with the help of an automated script that scans the internet for ElasticSearch systems left unprotected, connects to the databases, attempts to wipe their content, and then creates a new empty index called nightlionsecurity.com.
However, these types of destructive attacks were Elasticsearch data is wiped are not the first of their kind. In the spring and summer of 2017, multiple hacker groups engaged in database ransom attacks against multiple types of database technologies, including Elasticsearch.
Three years and ongoing, and people still put unprotected systems online. The pity is limited.