On May 1st, Diachenko discovered that an unprotected and publicly indexed MongoDB database which contained over 275,265,298 records of Indian citizens with personal identifiable information (PII) was available online for more than two weeks.
For more than two weeks, records of over 27.5 crore Indian citizens were left unprotected and eventually got hijacked by a hackers group – revealed Security Discovery researcher on Wednesday. According to expert Bob Diachenko, a huge MongoDB database of Indian citizens was left exposed and was publicly accessible on Amazon AWS using Shodan.
On May 1st, Diachenko discovered that an unprotected and publicly indexed MongoDB database which contained over 275,265,298 records of Indian citizens with personal identifiable information (PII) was available online for more than two weeks. This information included name, email, gender, education level and area of specialization, professional skills / functional area, mobile phone number, employment history and current employer, date of birth and current salary of over 27.5 crore Indians publicly accessible through Shodan.
In his post over Security Discovery blog, the researcher has noted that the historical data provided by the platform showed, the huge cache of PII data was first indexed on April 23, 2019.
“On May 1st, I have discovered an unprotected and publicly indexed MongoDB database which contained 275,265,298 records with personal identifiable information (PII) on Indian citizens,” wrote Diachenko.As per the researcher, he immediately notified Indian CERT team on the incident on May 1, but the database remained open and searchable until last Wednesday, May 8. That’s when a group of hackers known as ‘Unistellar’ group. wiped out the data and the left a coded message.
Having noted that, the researcher also mentions while the actual number of exposed persons might be less than the total number of records exposed, it is still one of the biggest breaches reported in the Indian region. He previously reported that the lack of authentication allowed the installation of malware or ransomware on the MongoDB servers.
Post a Comment