Thousands of databases hacked by cyberthieves
A group of hackers hacked into thousands of web-based databases and deleted several data archives. Security researchers say that gigabytes worth of medical, financial and other data held in open source database programme MongoDB have been taken by the attackers. Security experts say that the systems were vulnerable to the attacks as administrators had accidentally left them easily accessible through the Internet.
Affected people asking for help
"I am being flooded with requests for help," said Victor Gever, an ethical hacker who works for the Dutch government. He also said that over 5,000 systems had been hit.
Attackers demanding ransom for accessing data
The attackers, after identifying potential victims, checked databases to see if they had any value. If it did, they deleted the data and replaced it with a ransom note demanding small amounts of bitcoins, ranging from 0.2 ($190) to 0.5 ($480) bitcoins, for access to the data. While the attackers have not been identified, it is suspected that there are three groups.
The vulnerability of MongoDB databases
"While applying a password on sensitive data seems like common sense, the reality is hundreds of thousands of databases are going online without any form of security whatsoever. This problem has been known for years and continues to grow," said Kevin Beaumont, a security architect.
Security concerns with MongoDB databases
MongoDB is popular among small businesses, hospitals etc. as it is easy to use and straightforward. While MongoDB had updated their security in the latest versions, a lot of organizations and businesses were still running the older versions which were wide open to cyber attacks. Security experts also advised affected people to verify if their data had been copied before paying the ransom.