September 19th, 2018 By Lisa Vaas
Yet another MongoDB database instance has been found belly-up, unprotected and exposing 11 million customer records.
Former Kromtech security researcher Bob Diachenko, who made the discovery on Monday, said the database instance was revealing records that included personal details such as email addresses, full name, gender, and physical addresses (zip code, state, city of residence). The database also contained DNS data and information on server response.
To be precise, the 43.5GB dataset contained 10,999,535 email addresses, all of them Yahoo-based.
There weren’t many indications of who the database belongs to. The database name itself gave no indication of ownership – nor did the exposed data include administrator emails, system logs or host information.
Full Article.
Here we Mongo again! Millions of records exposed by insecure database
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.