11M Records of E-Marketing Data Exposed Online From Unsecured MongoDB Instance
Over time, almost everything has developed, and growth in the technology world has been especially rapid. Along with that development, the threats against technology have also increased massively. Each day we hear news of data breaches, data exposures, attacks on online portals, and more.
Just recently, a massive Veeam data leak from a misconfigured MongoDB server exposed 200GB of data consisting of approximately 445 million records. While that incident is still fresh, here is another similar event. This time, an unsecured MongoDB instance exposed millions of e-marketing records.
11 Million E-Marketing Records Exposed Online
According to research by security researcher Bob Diachenko, an unprotected MongoDB instance exposed millions of e-marketing records online. The database allegedly exposed 11 million records containing customers' personal details.
While examining open MongoDB instances on Shodan, he found a “huge customer base” exposed online. As he stated in his article on LinkedIn:
“The data was available from an unsecured MongoDB instance set up on Grupo-SMS hosting infrastructure, and could be accessed by anyone from Sept 13th on (when Shodan last indexed it).”
Reportedly, he found a 43.5GB dataset that included precisely 10,999,535 email addresses. Surprisingly, all of them were Yahoo-based. Along with the email addresses, the database also included other personal details such as names, gender, and home addresses.
Leaked Database Taken Offline
As Diachenko mentioned, it took him a while to identify the source of the database, since he was unable to find any clues anywhere. However, a single hint guided him towards SaverSpy, a marketing firm powered by Coupons.com. He then contacted the firm to notify them of the breach. Although he didn’t receive a response at the time, he later observed that the database had been taken offline.
Nonetheless, he made another very interesting observation about this database.
“That MongoDB in question has already been tagged as ‘Compromised’ in Shodan and contained ‘Warning’ database with ‘Readme’ collection and ransom note demanding 0.4 BTC for recovering the data. However, at the time of unearthing, all data were intact.”
Bob Diachenko has reported several instances in the past where he discovered data exposed online from open MongoDB instances. Two weeks before the Veeam data breach, he also found 200,000 documents leaked online from a public server. Though the present incident doesn’t show anything unique, it reinforces the need for organizations to review their database security measures.
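As a starting point for such a review, here is an added example (not from the original article or from Diachenko's write-up): a Python self-audit that checks a mongod.conf for the two settings behind this kind of exposure and looks for the ransom-note marker the researcher described. The function names and sample configs are constructed for illustration; net.bindIp, net.bindIpAll and security.authorization are standard mongod.conf options.

```python
import re

# Marker names come from the researcher's quoted description; matching is
# case-insensitive because the exact casing on the server is an assumption.
RANSOM_DB, RANSOM_COLL = "warning", "readme"

# Constructed sample configs (not taken from the exposed server).
WEAK = "net:\n  port: 27017\n  bindIp: 0.0.0.0  # reachable from anywhere\n"
HARDENED = ("net:\n  port: 27017\n  bindIp: 127.0.0.1,10.0.0.5\n"
            "security:\n  authorization: enabled\n")

def parse_mongod_conf(text):
    """Flatten the section/key layout of a mongod.conf into {'section.key': value}."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        m = re.match(r"^(\s*)([\w.]+):\s*(.*)$", line)
        if not m:
            continue
        indent, key, value = m.groups()
        if not indent:
            section = key                          # top-level section header
        elif section:
            settings[f"{section}.{key}"] = value.strip("\"' ")
    return settings

def audit(conf_text, databases):
    """databases: {db_name: [collection names]} listed from your own server."""
    s = parse_mongod_conf(conf_text)
    findings = []
    # Access control is off unless security.authorization is set to enabled.
    if s.get("security.authorization", "disabled").lower() != "enabled":
        findings.append("authorization not enabled")
    binds = [ip.strip() for ip in s.get("net.bindIp", "").split(",")]
    if s.get("net.bindIpAll", "").lower() == "true" or {"0.0.0.0", "::"} & set(binds):
        findings.append("listening on all interfaces")
    # A 'Warning' database holding a 'Readme' collection matches the ransom note above.
    for db, colls in databases.items():
        if db.lower() == RANSOM_DB and RANSOM_COLL in (c.lower() for c in colls):
            findings.append(f"ransom-note marker in database '{db}'")
    return findings

if __name__ == "__main__":
    print(audit(WEAK, {"customers": ["emails"], "Warning": ["Readme"]}))
    print(audit(HARDENED, {"customers": ["emails"]}))
```

The database listing passed to audit() is meant to come from an authenticated session on a server you operate; a ransom-note finding means the instance was reachable by others even if the data still appears intact.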