This is just not right to be able to go straight in and take them!!!
The databases contains critically-personal information, including names, email addresses, dates of birth, genders, and even social information.
http://zdnet3.cbsistatic.com/hub/i/r/2016/06/03/64c661bf-fc5c-4a90-831e-14354835e17d/resize/770xauto/3740cc863672137d65facb1660a9669d/upload-tktktktktk.jpg
By Zack Whittaker for Zero Day | June 3, 2016
A hacker has stolen an estimated 39 million account details -- simply by walking right in and taking them.
The renowned hacker, who goes by the moniker GhostShell, was able to download a vast but unknown number of databases from 110 different web-connected servers that didn't require credentials.
The hacker was able to use port-scanning tools -- including Shodan.io, a search engine for internet-connected devices -- to locate the databases, stored on public-facing servers running widely-used database software MongoDB.
Full Article
What is really required and an audit of all the worlds servers, etc., but given the numbers in use even a country based audit would be impractical. Perhaps what governments should consider doing is fining companies for breaches or malware activity in their networks that are the result of poor security processes, procedures or protocols?
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.