
A massive and concerning data breach has left sensitive information about millions of Georgian citizens potentially vulnerable to exploitation. An unsecured Elasticsearch index containing records far exceeding the Republic of Georgia’s population appeared on a cloud server hosted by a Germany-based service provider before disappearing.
The breach was uncovered by cybersecurity researcher Bob Dyachenko of SecurityDiscovery.com and the Cybernews research team. The exposed database, hosted on Elasticsearch—a platform widely used for real-time data analytics and search—contained nearly five million personal data records and over seven million phone records, some of which included additional identifying information. These figures suggest significant duplication or inclusion of deceased individuals, given Georgia’s population of just under four million.
The leaked data contained highly sensitive personal details, including ID numbers, full names, birthdates, genders, certificate-like numbers (potentially related to insurance), and phone numbers with descriptive owner information.
Part of the dataset appears to be linked to a 2020 data breach but includes additional information, such as 7.2 million phone records and 1.45 million car owner details. Dyachenko noted that the information seems to have been aggregated from multiple sources, possibly including governmental and commercial datasets, as well as number identification services.
The server hosting this unprotected index was taken offline shortly after its discovery, closing public access to the data. However, the identity of the entity managing the Elasticsearch index remains unknown, leaving significant questions about accountability and ownership unanswered.
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543