Another MongoDB database exposes personal data of 66M users

Another MongoDB database exposes personal data of 66M users

Another day, another data breach – This time, the IT security researcher at HackenProof have discovered a massive trove of personal data of over 66 million users exposed online due to an unprotected MongoDB database.

In October and November 2018, HackenProof’s security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator on different IP addresses containing a total of 66,147,856 unique records.

See: Private data of more than 82 million US citizens left exposed

The owner of the data couldn’t be identified but it is believed to have been scraped from LinkedIn hence and titled “You’ve Been Scraped” by researchers. The exposed records included full names, both work, and personal email addresses, phone numbers, IP addresses, job titles, person’s location details, employment history, skills and links to the individuals’ LinkedIn profiles.

Another MongoDB database exposes personal data of 66M users
Screenshot of the exposed data (Image credit: HackenProof)

It is noteworthy that lately, MongoDB databases have been making headlines for all the reason. Previously, on several occasions, Diachenko highlighted the critical vulnerability and lack of authentication affecting MongoDB. In one such case, Diachenko conducted an interesting test by purposely leaving a MongoDB database exposed to the public and kept an eye on the incoming connections. 

See: Cloud data firm exposes database with 440M emails & IP addresses

This practice is called as honeypot which is a security mechanism set to detect and counteract attempts at unauthorized use of information systems. According to Diachenko, the honeypot database contained 30GB of fake data. Little did they know, it took only three hours for hackers to identify the database before wiping out its data in just 13 seconds and leaving a ransom note demanding 0.2 Bitcoin.

To know if your personal information was exposed to this breach you can visit HaveIbeenPwned and enter your email in the search bar. If your data was among the breach the website will show you what type of data was compromised. Moreover, HaveIbeenPwned has already sent email alerts to targeted users, therefore, check your junk box.

“Cybercriminals can use private information to steal your identity and make financial transactions in your name, including taking out loans and opening bank accounts etc,” Diachenko warned. “By getting access to your calendar, planner or travel itinerary it gives them the inside knowledge of when your house might be empty, so they can break in or potentially do something even worse.”

Stay safe online.

Related Posts