Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

[InfoSec News <alerts () infosecnews org>]

http://www.networkworld.com/article/3015999/over-650-terabytes-of-data-up-for-grabs-due-to-publicly-exposed-mongodb-databases.html

By Lucian Constantin
IDG News Service
Dec 16, 2015

There are at least 35,000 publicly accessible and insecure MongoDB 
databases on the Internet, and their number appears to be growing. 
Combined they expose 684.8 terabytes of data to potential theft.

Matherly originally sounded the alarm about this issue back in July, when 
he found nearly 30,000 unauthenticated MongoDB instances. He decided to 
revisit the issue after a security researcher named Chris Vickery recently 
found information exposed in such databases that was associated with 25 
million user accounts from various apps and services, including 13 million 
users of the controversial OS X optimization program MacKeeper.

Matherly's new results show an increase of over 5,000 insecure MongoDB 
instances since July, a somewhat surprising result giving that newer 
versions of the database no longer have a default insecure configuration.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/