Ghost Database Leak Exposes Millions of Georgian Citizens' Data
By Liza Mchedlidze
Monday, January 27, 2025
A massive data leak involving millions of Georgian citizens has raised serious cybersecurity concerns after appearing on a cloud-based server and vanishing just as mysteriously, according to Cybernews. The leaked data, left unprotected, could leave sensitive personal information vulnerable to misuse by malicious actors.
The breach was discovered by cybersecurity expert Bob Dyachenko, owner of SecurityDiscovery.com, and the Cybernews research team. They identified an unsecured Elasticsearch index (a platform often used for real-time data analytics and search) hosted on a server owned by a German-based cloud service provider.
The leaked database reportedly includes records for nearly five million individuals and over seven million phone entries linked with personal information. While some records may be duplicates or may belong to deceased individuals, the exposed details are alarming: ID numbers, full names, birth dates, genders, certificate-like numbers (potentially insurance information), and descriptive phone records.
According to Dyachenko, the data appears to have been aggregated from multiple sources, possibly including government or commercial datasets and number identification services. The entity responsible for managing the Elasticsearch index, however, remains unidentified.
The server was taken offline shortly after the breach was detected, preventing further public access to the exposed information.
Dyachenko warned that such data could be weaponized by threat actors for both political and criminal purposes. "State-sponsored hackers can exploit the leak for political manipulation, disinformation campaigns, or targeted harassment," he said. "Meanwhile, profit-seeking hackers can use the data for various malicious activities."
Cybernews cautions that the exposed information increases the risk of identity theft and financial crime, as cybercriminals may impersonate individuals or deploy social engineering techniques to hijack accounts.