GhostShell hacker leaks 39 million accounts in security "protest"

  • 3 June 2016
  • 1 reply
  • 1 view

Userlevel 7
Badge +54
This is just not right to be able to go straight in and take them!!!
 
The databases contains critically-personal information, including names, email addresses, dates of birth, genders, and even social information.
 
                              http://zdnet3.cbsistatic.com/hub/i/r/2016/06/03/64c661bf-fc5c-4a90-831e-14354835e17d/resize/770xauto/3740cc863672137d65facb1660a9669d/upload-tktktktktk.jpg
 By Zack Whittaker for Zero Day | June 3, 2016
 
A hacker has stolen an estimated 39 million account details -- simply by walking right in and taking them.
 
The renowned hacker, who goes by the moniker GhostShell, was able to download a vast but unknown number of databases from 110 different web-connected servers that didn't require credentials.
 
The hacker was able to use port-scanning tools -- including Shodan.io, a search engine for internet-connected devices -- to locate the databases, stored on public-facing servers running widely-used database software MongoDB.
 
Full Article

1 reply

Userlevel 7
What is really required and an audit of all the worlds servers, etc., but given the numbers in use even a country based audit would be impractical. Perhaps what governments should consider doing is fining companies for breaches or malware activity in their networks that are the result of poor security processes, procedures or protocols?

Reply