Illumina Sequencers On The Internet
I was recently poking around on the Internet looking for sequencers… as you do. And came across ~50 Illumina sequencers exposing their web interfaces to the open Internet. Of those I tested ~15% allowed unsecured access showing a complete list of runs, which it seems like I could potentially delete/edit1:
Here are the others, a MiSeq and NextSeq, one offline instance, there’s also an additional iSeq (ID is listed below).
I assume this is because these instruments have user management turned off:
Which I guess I could turn on…
If you want to check if this is your instrument, the IDs are: MiSeq HWI-M07533, NextSeq NB551631, ISEQ FS10000673 and DESKTOP-P08P693.
Of the 50 instruments most were in the US and Eleven were as UCSD! Obviously most of these don’t have user management turned off, but given that Illumina instruments have had security issues in the past, having them sitting on the open internet isn’t a great idea anyway…
So if you’re running a sequencer, might be just as well to check it’s not globally accessible!
I’ve followed up on this to attempt to get these instances secured. However at the time of writing all these instances are still online several days later. I’ve also hopefully only included enough information below for the instrument owners to identify the devices. However… if you wanted to find the IP addresses/URLs yourself it’s almost trivial so I don’t think I’m giving much away anyway…