Internal documents, officer health records, and personnel files belonging to India’s Central Industrial Security Force were spilling online because of a data security lapse.
A security researcher in India, who asked not to be named for fear of retaliation from the Indian government, found a database packed with network logs generated by a security appliance connected to CISF’s network. But the database was not secured with a password, allowing anyone on the internet to access the logs from their web browser.
The network logs contain detailed records of which files on CISF’s network were accessed or blocked because of security rules. Because the logs contained full web addr …
