Author
Mike Paquette
Word count
497

Summary

In response to a recent attack on open-source databases where data was copied, deleted, and held for ransom without using traditional ransomware, Elasticsearch emphasized the importance of securing instances that are accessible over the Internet. The attack highlighted the necessity of implementing proper security configurations to prevent data loss or breaches. Elasticsearch recommends that users secure their deployments by using TLS encryption, user authentication, and role-based access control, which are now included for free in the default distribution of Elastic Stack 6.8/7.1 or later. It advises against exposing unsecured instances directly to the Internet and suggests using firewalls, VPNs, or reverse proxies to restrict access if Internet-facing deployment is unavoidable. Elastic Cloud SaaS offerings come with built-in security measures, including X-Pack security with randomly assigned passwords, redundant firewalls, and encrypted communication, ensuring customer data protection. For those less familiar with these security practices, Elasticsearch encourages utilizing their cloud service where security configurations are automatically managed.