Cybernews reported that an exposed Elasticsearch cluster containing over 160 indices leaked billions of primarily Chinese records. The leaked data ranges from national citizen ID numbers to various business records. Cybernews said the massive leak is among the largest single Elasticsearch exposures ever recorded.
On January 1st, 2026, the Cybernews research team discovered 8.73 billion Chinese records exposed online. The exposed data was on a large Elasticsearch cluster. Businesses use Elasticsearch for fast sorting, real-time searches, and scalability. Our team found a cluster with 163 indices containing billions of records.
A large data cluster was found in early 2026 and stayed accessible for over three weeks. There’s no evidence of misuse, but if our researchers discovered it, others could have as well.
“Despite the short exposure window, the scale of the dataset means that automated scraping during this period could have resulted in widespread secondary dissemination,” Cybernews researchers said.
Bob Diachenko, a Cybernews contributor and cybersecurity researcher, discovered a significant data cluster. He noted that the metadata indicates data was imported as recently as late 2025.
“The presence of timestamps and import dates points to a long-running aggregation effort rather than a single historical breach,” the team explained.
The Cybernews report claims that the leaked data includes personal identifiers, contact details, government IDs, online account information, and credentials at an unprecedented scale. The information falls into categories such as personally identifiable information (PII), account and platform data, authentication data, and corporate and business records.
Researchers found the exposed cluster to be well-organized and segmented by data type, including phone-centric, ID-centric, and account-centric datasets.
“The infrastructure was hosted on a bulletproof hosting provider, commonly associated with high-risk or non-compliant data operations. Moreover, the dataset structure and scale suggest intentional aggregation, not accidental logging or misconfiguration by a single consumer service,” the researchers said.
