Total Tests:

Hacker hijacks 23k misconfigured MongoDB databases; threatens to leak data

By Jay Jay for teiss
Thursday, July 2, 2020

A hacker has uploaded ransom notes on as many as 22,900 misconfigured MongoDB databases after wiping their content, thereby forcing hundreds of companies to either pay up or lose their data altogether.

Organisations that misconfigure MongoDB databases must face legal action

Commenting on a hacker gaining access to and wiping data from almost 23,000 MongoDB databases, Ilia Kolochenko, Founder & CEO of ImmuniWeb, said that this large-scale extortion campaign may bring a powerful boost to cybersecurity awareness as many organisations carelessly expose terabytes of confidential and sensitive data online in unprotected cloud or databases.

“I think governments should mandate special agencies or law enforcement teams to crawl and monitor the Internet for such leaks affecting their jurisdictions. Once detected, legal action should be taken against the company behind the leak and all costs of the monitoring and investigation should likewise be imposed on the guilty company.

“Organisations, on their side, should urgently implement continuous attack surface monitoring and implement a well-though third-party risk management program. Today, many disastrous incidents and data exposures stem from negligent suppliers or vendors that have a privileged access to the data of their clients and fail to properly secure it.

“Paper-based questionnaires won’t help, and more proactive monitoring of attack surface and Dark Web for the data stolen from your suppliers is a requisite in 2020. Otherwise, we will certainly see a steady surge of such leaks,” he added. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential