The unprotected server is one in a long string of similar exposures. “There have been several instances in the past where MongoDB servers were compromised simply because they were being set up without proper authentication and, thus, were left open on the Internet,” said Rod Soto, director of security research at JASK. “The compromise workflow for these types of data leaks is simple. Sensitive information is left publicly available in a data repository due to poor developer practices – and essentially has a bullseye on it to be targeted by malicious actors that scan these repositories to find vulnerable ones and compromise valuable info.”
Soto said that “large data leaks like this Amex India instance should drive home how pivotal it is to take proper security precautions with all third-party services. If they’re not configured properly, they will continue to lead to massive data leaks.”
Read more here.