763M Email Addresses Exposed in Latest Database Misconfiguration Episode

  /     /     /  
Publicated : 23/11/2024   Category : security


763M Email Addresses Exposed in Latest Database Misconfiguration Episode


MongoDB once again used by database admin who opens unencrypted database to the whole world.



In February, a security researcher named Bob Diachenko found a MongoDB data instance containing four collections of data and a total of 150GB of data including approximately 763 million unique email addresses. The data instance was openly available and the data inside was stored in plain text. The personally identifiable information (PII)-rich instance is the latest MongoDB database to be hit in a breach totaling millions of records.
In the
blog post
announcing the discovery, Diachenko detailed the kind of data found in the records as well as the databases owner — Verifications.io. When informed of the data sets availability, the company took the site down very quickly; as of this writing, it is not yet back online.
While the data exposed in this incident is remarkable for its size, it is merely the latest in a significant series of data breaches and exposures involving MongoDB. In a January blog post at
Krebs on Security
, Brian Krebs noted that tens of thousands of MongoDB databases had been hit with ransomware. Those databases that used no authentication were particularly susceptible to the ransomware attacks.
Also in January, Diachenko discovered
another open MongoDB database
filled with personal information from job seekers. It is, it seems, quite easy to configure a MongoDB database in ways that open the door to thieves and attackers.
And that is really the issue. MongoDB can be configured in ways that are quite secure, but a novice developer who simply takes the default settings at every step in building a database will create a data set with no protection at all. The number of MongoDB instances makes the likelihood of that insecurity fairly high; a quick Shodan search shows 67,864 MongoDB installs around the world, with most — a bit over two-thirds — in the US. China is next when it comes to MongoDB use, with just less than half the number of instances found in the US.
MongoDB is popular in the cloud, as well. That same Shodan search shows that Amazon.com has 9,016 MongoDB instances, Digital Ocean hosts 4,966, Tencent cloud computing hosts 3,918, Microsoft Azure 2,849, and Google Cloud 1,931.
What is to be done about securing MongoDB databases? The most direct answer would be for the default settings to change, but MongoDBs status as
an open source project
makes that a process that is, at best, slow. The answer, instead, is in education for the admins and developers most likely to deploy MongoDB in their own instance. As Chris DeRamus, DivvyClouds CTO, wrote to Dark Reading in a statement, We live in a world where data is king — collecting, storing, and leveraging data is essential to running just about any type of business you can think of. All the more reason organizations must be diligent in ensuring data is protected with proper security controls.
MongoDB lists companies such as KPMG, Telefonica, and Eharmony as customers: Its obviously possible to configure and administer a MongoDB database in a way that is secure and in compliance with multiple regulations. Unfortunately, it is quick, easy, and cheap to launch a MongoDB instance that is a gift to criminals and a nightmare for its owners and their customers.
Related content:
More Than 22,000 Vulns Were Disclosed in 2018, 27% Without Fixes
Security Firm to Offer Free Hacking Toolkit
5 Expert Tips for Complying with the New PCI Software Security Framework
Exposed Consumer Data Skyrocketed 126% in 2018
8 Cybersecurity Myths Debunked
 
 
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
763M Email Addresses Exposed in Latest Database Misconfiguration Episode