22. July 2015

Net Security: 600TB of data exposed due to misconfigured MongoDB instances

Shodan creator John Matherly (Shodan is the search engine that lets users find devices connected to the Internet) warns that there are still nearly 30,000 instances of MongoDB on the Internet that don’t have any authorisation enabled.

Net Security refers in this context to our own CISPA research in February 2015. We identified nearly 40,000 MongoDB instances at risk as well as other NoSQL databases, which were insecurely configured.

Net Security article

CISPA Cybersecurity students from Saarbrücken discover security gaps in 39,890 online databases