Hacks and Incidents

40,000 UnProtected MongoDB Databases Found on the Internet

40,000 UnProtected MongoDB Databases Found on the Internet: Nearly 40,000 organisations running MongoDB, a NoSQL high performance and cross-platform document-oriented database, are found to be unprotected and vulnerable to hackers.

Three students from University of Saarland in Germany at the Centre for IT Security – Kai Greshake, Eric Petryka and Jens Heyens – discovered that MongoDB databases running at TCP port 27017 as a service on several thousands of commercial web servers are easily accessible on the Internet.

MongoDB is an open-source database used by companies of all sizes, across all industries for a wide variety of applications. MongoDB is built for scalability, performance and high availability, scaling from single server deployments to large, complex multi-site architectures. By leveraging in-memory computing, MongoDB provides high performance for both reads and writes.