Several months ago, a search feature of our SaaS, which is under development, went down strangely. The server responded with error 500 to the corresponding web requests. Obviously, the API was still working, but there was an internal error inside the API function. At first, I thought the corresponding DB container had gone down; however, I saw that all containers were running normally. After a close investigation, I found that the ES database seemed to be empty. Very weird! So I opened a terminal window, connected to ES and checked all the indices. I saw the information below:

This hacker claimed he had "backed up my database" and demanded 1 bitcoin for retrieving the data. WTF! The price of 1 bitcoin now is about 37K dollars.
This ransom is ridiculously high for me. Fortunately, this DB was for testing only (that's why it was bound to the default port and not secured by a password) and the data had been backed up beforehand.
I learned some important lessons from this incident though:

1. Cybersecurity is very important and one should always pay attention.
2. One should always back up important data in one or more copies.
3. Secure databases and servers with strong passwords and use non-default ports.
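As an added example (not code from the original post), here is a small Python check for the settings behind lesson 3: it reads a flat `elasticsearch.yml` and flags a node that listens beyond loopback without authentication or on the default port. The function names and both sample configs are constructed for illustration, and an unset `xpack.security.enabled` is treated as disabled, which is a conservative assumption.

```python
# Added example: audit flat "key: value" settings from an elasticsearch.yml.
# Function names and sample configs are constructed for illustration.

DEFAULT_HTTP_PORT = "9200"
LOCAL_ONLY = {"localhost", "127.0.0.1", "::1", "_local_"}

def parse_flat_yaml(text):
    """Parse the flat 'dotted.key: value' form commonly used in elasticsearch.yml."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        if ":" not in line:
            continue
        key, value = line.split(":", 1)
        settings[key.strip()] = value.strip().strip("\"'")
    return settings

def audit(text):
    """Return a list of finding codes for one config; empty means nothing flagged."""
    s = parse_flat_yaml(text)
    findings = []
    # Elasticsearch binds to loopback when network.host is not set.
    host = s.get("network.host", s.get("http.host", "localhost"))
    exposed = host not in LOCAL_ONLY
    # Assumption: unset is treated as disabled (check your version's default).
    auth = s.get("xpack.security.enabled", "").lower() == "true"
    if exposed and not auth:
        findings.append("exposed-without-auth")
    elif not auth:
        findings.append("auth-not-enabled")
    if exposed and s.get("http.port", DEFAULT_HTTP_PORT) == DEFAULT_HTTP_PORT:
        findings.append("default-port-exposed")
    return findings

WEAK = """
network.host: 0.0.0.0
http.port: 9200
xpack.security.enabled: false
"""

HARDENED = """
network.host: 127.0.0.1   # reached through the app network or a tunnel
http.port: 9200
xpack.security.enabled: true
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

When the node runs in a container, also check how the port is published: `-p 9200:9200` in Docker listens on all host interfaces regardless of what this file says.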
 
 
              
 
    