mongodb

Blog, Data Breach, ipv6, mongodb August 14, 2019

Home and Family Job Search Engine Exposed Its Database

FamilaFacil, a Madrid-based home and family job search platform, has exposed its MongoDB database with details on their users and candidates. This was the first time I discovered an unprotected instance sitting in IPv6 environment…

Like this story? Please share it!

Blog, Data Breach, Data Security Education, mongodb August 8, 2019

Sex Sells! Spanish Chain of “Men’s Clubs” Exposed Its Database

On August 4th I discovered an open and unprotected MongoDB database which appeared to be part of a Spanish company managing a chain of “men’s clubs” across the country. IP with the database in question…

Like this story? Please share it!

Blog, Data Security Education, mongodb, Opinion Article July 29, 2019

Even randomized dummy data should be protected

A database belonging to online voting system provider Everyone Counts has been exposed, leaving what appears to be “randomized and anonymized” data used to simulate millions of voters and election workers open to the public….

Like this story? Please share it!

Blog, Data Breach, mongodb May 29, 2019

London-based Marketplace Accidentally Exposed Personal Details of its Customers

In another MongoDB-related misconfiguration incident, a UK-based company exposed personal and payment data of several hundreds of its customers. On May 21st, I have identified an open and unprotected MongoDB instance, with no password/login needed…

Like this story? Please share it!

Data Breach, mongodb May 9, 2019

Massive SMS Bombing Operation Uncovered In Passwordless Database

SMS marketing has been an increasing problem with the rise of scripts and applications and that send literally countless messages as fast as they can be sent. On April 11th, I discovered an open and…

Like this story? Please share it!

Data Breach, database, mongodb May 8, 2019

Database With Millions of Indian Personal Records Exposed and Hijacked

On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens, including the following fields: Name Email Gender Education level and area…

Like this story? Please share it!

Data Breach, database, mongodb May 3, 2019

AMC inadvertently exposed its subscribers database for Sundance Now and Shudder services

On May 1st I have discovered an unprotected and publicly available MongoDB instance which appeared to contain data related to AMC Networks’ premium streaming offerings – Sundance NOW and Shudder. Although no sensitive information was…

Like this story? Please share it!

Blog, Data Breach, database, mongodb April 18, 2019

Iranian Ride-Hailing App Database Exposure

On April 18th, during our regular security audit of nonSql databases with BinaryEdge search engine, I have discovered an open and publicly available MongoDB instance which contained astonishingly sensitive information on Iranian drivers. Information was…

Like this story? Please share it!