3CX Data Exposed, Third-Party to Blame

Cyber Security Threat Summary:
“3CX, a popular Voice over Internet Protocol (VoIP) comms provider, was exposed due to the negligence of a third-party vendor. The vendor's open server left instances of Elasticsearch and Kibana vulnerable, leading to the discovery of the exposed data on May 15th. This discovery came to light nearly two months after the initial cyberattacks on 3CX, which had previously been targeted by North Korean hackers. The exposed data included call metadata, license keys, and encoded database strings, posing significant risks.

Cybernews researchers highlighted the insufficiency of 3CX's cybersecurity measures, as the exposed instances went undetected. The potential repercussions are alarming, as skilled attackers could exploit the data to infiltrate 3CX networks and gather valuable information or launch further sophisticated attacks. This incident underscores the importance of robust security practices and the need for organizations like 3CX to remain vigilant in safeguarding sensitive data” (SecurityAffairs, 2023).

Security Officer Comments:
The exposure of sensitive data from 3CX has raised concerns about the company's cybersecurity measures. The breach occurred due to the negligence of a third-party vendor, indicating a lack of oversight. The exposed data included call metadata, license keys, and encoded database strings, posing risks of unauthorized access and misuse. The delayed detection of the breach, which came months after the initial cyberattacks on 3CX, calls into question the effectiveness of the company's monitoring and incident response procedures.

Suggested Correction(s):
Third-party risk assessments are essential evaluations that organizations conduct to assess and mitigate the risks of engaging external vendors or partners. These assessments help identify vulnerabilities in the security practices of third parties, ensuring that they have adequate measures in place to protect sensitive data and comply with regulations. By conducting these assessments, organizations can proactively mitigate risks, maintain compliance, protect their reputation, and enhance their security posture. Third-party risk assessments play a crucial role in managing the inherent risks associated with third-party relationships and safeguarding organizational assets.

Link(s):
https://securityaffairs.com/147677/security/3cx-data-exposed-third-party-to-blame.html