Unprotected MongoDB exposes over 43 GB of data on around 11 million customers

  • The leaked data contained emails, full names, gender and physical addresses of customers.
  • Over 10 million email addresses, all Yahoo-based, were among the data leaked.

A California-based marketing firm inadvertently exposed the personal data of around 11 million customers. The data belonged to SaverSpy, a marketing firm, and was available on an unprotected MongoDB instance set up on Grupo-SMS infrastructure.

The breach was discovered by security researcher Bob Diachenko, who found that the database, which contained 43.5 GB of data on around 11 million customers, had been left open to the public.

The leaked data was available online from September 13 and contained emails, full names, gender and physical addresses of customers. In a conversation with BleepingComputer, Diachenko said that no payment card data or phone numbers were compromised in the breach.

The vulnerable database contained over 10 million email addresses, all Yahoo-based, and also included DNS details of the emails. It is still unclear whether the database contained any information relating to any other marketing firm.

“The origin of data remains unknown, as database name itself did not give any clues as of potential owner. Also, data did not contain any administrator emails, system logs or host information. One hint was given in the description of the lists in which a particular email was part of - "Yahoo_090618_ SaverSpy",” said Diachenko in a blog post.

The researcher also highlighted that the unprotected database was tagged as ‘Compromised’ in Shodan and contained a ransom note demanding that its owner pay 0.4 bitcoin to recover the data.

Cyware Publisher