DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Dumb MongoDB admins spew 600 TERABYTES of unauthenticated data

Posted on July 20, 2015 by Dissent

Darren Pauli reports:

Shodan hacker John Matherly says system administrators have exposed some 595.2 terabytes of data by using poorly-configured or un-patched versions of the popular MongoDB database.

eBay, Foursquare, and The New York Times are some of the prominent users of the open source MongoDB which is the most popular NoSQL database.

Matherly says the near 30,000 databases are exposed through the use of older versions of the platform that fail to bind to localhost.

“There’s a total of 595.2 TB of data exposed on the internet via publicly accessible MongoDB instances that don’t have any form of authentication,” Matherly says.

Read more on The Register.

Related Posts:

  • Number of leaking MongoDB databases increasing:…
  • Tens of thousands MongoDB databases easily…
  • Despite warnings earlier this year, tens of…
  • MongoDB ransacking starts again: Hackers ransom…
  • How long does it take for a MongoDB to be…

Post navigation

← More escort-related services hacked
Saskatchewan Cancer Agency patient privacy breach →

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • Update: Cardiovascular Consultants Ltd. ransomware attack reportedly affected 500,000 patients, guarantors, and staff
  • Data breach by Addenbrooke’s Hospital reveals patient information
  • Millions of patient scans and health records spilling online thanks to decades-old protocol bug
  • Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)
  • Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
  • CBIZ KA Notice of Data Privacy Incident (Prime Healthcare)
  • Seeking clarification on Maine’s data breach notification statute
  • East River Medical Imaging notifies 605,809 patients of breach

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net