Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

ebusdk

Newbie
Joined
Dec 7, 2015
Messages
2
Reaction score
0
Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

Most hits are on DigitalOcean, Amazon and Alibaba Group hosted solutions
Even if you are running latest version, you need to update the configuration files


This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices.
Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper.
 
I dont understand why anyone in their right mind would let the ports be open through the WAN interface without any restrictions.
 
Back
Top