LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Zenlayer Breach: 384,658,212 Reasons Why This One is a Doozy

Zenlayer OopsA security research was scouring the dark and other webs recently and came across a 57GB file that had over 380 million records in it.  With a little deducation, he concluded it belonged to Zenlayer, a global network services provider playing in the SD-WAN, CDN, and other network spaces.  They have nearly 300 datacenters in six continents.

And their back office was just cracked open:

What’s truly alarming is that this treasure trove of data wasn’t safeguarded by even a basic password. It was out there in the open, accessible to anyone, including those with malicious intent. Essentially, it was a “come and take it, no questions asked” scenario, leaving the door wide open for potential exploitation by threat actors.


The danger with this kind of information is manyfold:

  • Further Hacks: The more info an attacker has, the easier it is to leverage more attacks.  In this case, the hacker knows customer info, what services they have and where, etc.
  • Impersonation: A social engineer can contact these customers and effectively impersonate a Zenlayer employee.  “Please verify your bank information”, “your payment didn’t go through, can we process another way,” etc.
  • Sale of Personal Info: Easy to monetize millions of people’s info if it contains things like name, address, phone number, date of birth, etc.

Zenlayer commented:

We’re aware of the data exposure, have patched the issue, and are engaged with the researcher who originally discovered the data leak. We’ll provide additional information when the investigation is complete.

Full story on HackRead.


No Comments

    Leave a Reply

    Some notes on commenting on LowEndBox:

    • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
    • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
    • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

    Your email address will not be published. Required fields are marked *