Around 36 Million Records From 110 MongoDB Servers Leaked By GhostShell

24 year old Romanian hacker GhostShell has leaked more than 36 million user’s accounts among which 3.6 million records include passwords of several accounts. The hacker announced the data leak on Twitter and posted a link to a PasteBin URL where users can find a statement about this hack. The reason was to raise awareness about the poor security infrastructure implemented on MongoDB databases by their owners.

The download package is a 598 MB ZIP file, which decompresses to 5.6 GB of data, containing 110 folders named based on the hacked server’s IP.  There are 110 IP addresses that were breached and to every IP there is a dedicated folder with the DB data, proof and general information. The data varies from server to server but reveals a lot of sensitive info such as username, password, full name, phone, address, 627,296 email addresses and more.

I only used simple scanners like Shodan to discover these databases and alsot all the databases I accessed had no username or password for the root account and had a large number of open ports, according to GhostShell.

Some of the data that were leaked :

Click here to read GhostShell’s full mission statement.


Related posts

Hackers Target Azerbaijan Users With A Novel Rust Malware

New MidgeDropper Malware Variant Found Targeting Windows Users