[ FEB 22, 2019 ]
A security researcher Bob Diachenko has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens.
He disclosed that two days ago, he found a 4.1 GB-sized highly sensitive database online, named “GNCTD,” containing information collected on 458,388 individuals located in Delhi, including their Aadhaar numbers and voter ID numbers.
The data leaked through MangoDB database. MongoDB is the most popular, open-source NoSQL database used by companies of all sizes, from eBay and Sourceforge to The New York Times and LinkedIn.
Cyber Security Tips:
On older versions of MongoDB before version 2.6.0, the default configuration makes the database listening on a publicly accessible port, where admins are supposed to reconfigure it appropriately for online use.