Menu
Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

Security researchers sound alarm on "very serious" privacy problem

There are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft.

This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices.

Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper.

Matherly's new results show an increase of over 5,000 insecure MongoDB instances since July, a somewhat surprising result giving that newer versions of the database no longer have a default insecure configuration.

MongoDB versions 3.0 and newer only listen to "localhost," so they don't accept remote connections from the Internet. Yet, version 3.0.7 accounts for the largest number of exposed installations (3,010) found by Matherly and version 3.0.6 is also in the top five with 1,256 instances.

"The fact that MongoDB 3.0 is well-represented means that a lot of people are changing the default configuration of MongoDB to something less secure and aren't enabling any firewall to protect their database," Matherly said in a blog post Tuesday. "It could be that users are upgrading their instances but using their existing, insecure configuration files."

The majority of the insecure MongoDB instances are hosted on cloud computing platforms run by DigitalOcean, Amazon.com and Alibaba Group.

If the information found by Vickery, such as names, email addresses, birth dates, postal addresses, private messages and insecure password hashes, are an indication of what's in the other exposed databases, then the problem is very serious; and it's not just limited to MongoDB.

"I can't stress enough that this problem is not unique to MongoDB: Redis, CouchDB, Cassandra and Riak are equally impacted by these sorts of misconfigurations," Matherly said.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​

With New Zealand businesses now open to innovation, the industry sits on the cusp of significant disruption in the data centre. Driven by software-defined networking, the future of the data centre is fast becoming reality, as the channel seeks to keep up, keep innovating and keep growing. APC by Schneider Electric, Lenovo and key partners outlined how the channel can capitalise at The Grill restaurant in Auckland.

​IN PICTURES: Disruption in the data centre - Can the Kiwi channel capitalise?​
Show Comments