Connect with us

Internet

Unsecured Database Found Leaking Data About Millions of Indians, Gets Hijacked by Hackers: Report

Published

on

A massive database containing over 275 million records with personally identifiable information about Indian citizens was allegedly found unprotected and publicly indexed on the Internet. Discovered by a cybersecurity expert, this MongoDB database seems to include data scrapped from various job portals, given the fields in the database like “industry,” “resume ID,” and “functional area.” While some of professional information present in the database isn’t that damaging, the database also included details like name, email address, gender, date of birth, salary, and mobile number, access to which can be exploited by malicious parties. MongoDB is a widely used open-source database management system.

Found by security researcher Bob Diachenko from Securitydiscovery.com on May 1, the database has since been hijacked by hackers known as “Unistellar group”, who have replaced it with a message to contact to restore it, possibly in an exchange of a ransom. If the database being left unprotected wasn’t bad enough, it is now in hands of a hacker group, who may be willing to sell it to anyone.

The unprotected database had a size of 110GB
Photo Credit: Securitydiscovery.com

According to Diachenko, he had immediately contacted Indian Computer Emergency Response Team (CERT) about the unprotected database, but the database remained accessible until May 8, following which it was hijacked by the Unistellar group.

The data available with Shodan, a search engine for Internet-connected devices, reveals that the database was first indexed on April 23, 2019, meaning it was available on the Web for at least two weeks for anyone to access the private information.

It is unclear at this point, who was the owner of the database, but Diachenko speculates that it belonged to an “anonymous person or organization” as part of a massive scraping operation. The owners of the database have seemingly managed to scrap over 275,265,298 records of personal information about Indian job seekers. Diachenko’s assertions about database owner seem plausible considering none of Indian job portals, have anywhere close to 275 million members.

database mongoDB india security discovery dot com Unsecured server

The database has now been hijacked by a hacker group
Photo Credit: Securitydiscovery.com

This is not the first time that Diachenko has found an unprotected database leaking private information of millions of users online. Last month, he discovered an Indian state (unnamed) had left details of millions of pregnant women online. The data leak included digitised version of millions of medical forms that included private details.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

Real-life house behind ‘The Conjuring’ is on the market again

Published

on

Just in time for Halloween is an old, very expensive house with one notable feature: it is allegedly haunted. The house that inspired hit horror movie The Conjuring is back on the market for those who want to live close to multiple major New England destinations and who aren’t afraid of a potential demon or two. The Rhode Island home … Continue reading

Continue Reading

Internet

Parrot ANAFI Ai early access program revealed for pro-droning

Published

on

There’s an early access program coming to the likes of the Parrot ANAFI Ai 4G LTE-connected drone. This is the sort of program you get in on if you’re a hardcore drone user, if you’re the sort of professional who uses drones for high-level visuals or 3D scanning, and for those that wish to be the first users of the … Continue reading

Continue Reading

Internet

Samsung Galaxy Z Fold 3 vs Microsoft Surface Duo 2 – the better foldable

Published

on

Microsoft just unveiled the Surface Duo 2 and, unless Google pulls a surprise next month, we have now seen all the foldable devices for this year. Although there are other players in that niche category, like Royole, Huawei, and Xiaomi, the two biggest names that have surfaced this year are the Galaxy Z Fold 3 and the Surface Duo 2. … Continue reading

Continue Reading

Trending