A security researcher found an unsecured MongoDB customer database containing the personal details of 11 million users. Initial investigation suggests that the database belongs to an email marketing firm based in California.
The breached database holds a 43.5GB dataset, which includes full names, email addresses (all of them Yahoo addresses), gender information, and physical address details such as state, city, and ZIP code for 10,999,535 users.
Independent security researcher Bob Diachenko discovered the unprotected server by scanning the internet using publicly available tools. During his research he found that the dataset was last modified by the Shodan search engine on September 13, but he could not determine how long it had been open for access.
The database had a table named “Warning” that contained data with the following text:
“Your Database is downloaded and backed up on our secure servers. To recover your lost data: Send 0.4 BTC to our BitCoin Address and Contact us by email with your server IP Address and a Proof of Payment. Any eMail without your server IP Address and a Proof of Payment together will be ignored. You can apply for a backup summary within 12 hours. Then we will delete the backup. You are welcome!”
This is not the first time an unprotected MongoDB database has been found; this month alone, Diachenko has spotted two instances.