Public Elasticsearch clusters are being held ransom
You can use shodan.io to search for Elasticsearch clusters: https://www.shodan.io/search?query=port%3A9200+json&language=en.
The first hit is actually a cluster that is ‘infected’:
There are some secured clusters as well:
But the default ‘root’ account with username “elastic” and password “changeme” (docs) will grant access. So not much security here… But at least your data is still there. For now.
Please do not connect your cluster to the internet without securing it. Use X-Pack Security for authentication and authorization.
Elastic Cloud could also be something for you. Security is enabled by default in Elastic Cloud.
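
To check your own node before it ever shows up in a search like the one above, here is a small audit of `elasticsearch.yml` (an added example, not code from Elastic). It assumes flat dotted keys and only treats security as enabled when `xpack.security.enabled: true` is set explicitly; the function names and the sample config are made up for illustration.

```python
import ipaddress

LOOPBACK_NAMES = {"localhost", "_local_"}  # _local_ is Elasticsearch's loopback alias

def parse_flat_yaml(text):
    """Read 'key: value' lines; flat dotted keys only (assumption of this example)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("\"'")
    return settings

def is_loopback(host):
    if host.lower() in LOOPBACK_NAMES:
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # hostnames, _site_ and _global_ count as reachable off-host

def audit(text):
    """Return findings for a config whose REST API (port 9200) is reachable off-host."""
    s = parse_flat_yaml(text)
    # http.host takes precedence over network.host; unset means loopback only.
    raw = s.get("http.host", s.get("network.host", "_local_"))
    hosts = [h.strip().strip("\"'") for h in raw.strip("[]").split(",") if h.strip()]
    exposed = [h for h in hosts if not is_loopback(h)]
    # Conservative assumption: security counts as on only when set explicitly.
    security_on = s.get("xpack.security.enabled", "").lower() == "true"
    if not exposed:
        return []
    if not security_on:
        return [f"REST API bound to {', '.join(exposed)} without xpack.security.enabled: true"]
    return ["REST API reachable off-host: confirm the 'elastic' password is no longer the default"]

# Constructed sample config, not taken from any real cluster.
SAMPLE = """\
cluster.name: demo
network.host: 0.0.0.0   # listens on every interface
http.port: 9200
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```

An empty result only means the config keeps port 9200 on loopback; a firewall or reverse proxy in front of the node needs its own review.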