Articles by Bob Diachenko





Auchan France Left Digital Keys Exposed

On March 21, 2019, I have discovered a publicly available service instance which appeared to contain credentials and login details to Auchan E-Commerce infrastructure. IP with Marathon and Zookeeper instances was indexed by public search…






Delhi Citizens Data Leak

On Feb 19, 2019, I have discovered a MongoDB that required no password. The database was located in an India region which (along with other data) also contained highly sensitive information collected on 458,388 individuals…


Large eAccounting Data Breach in Mexico

On January 22, 2019, we have identified a passwordless MongoDB database with almost 5 Million records labeled as CFDI  (short for Comprobantes Fiscal Digital por Internet) – the electronic billing schema defined by the Mexican federal tax…