Monday, 6 June 2016

On 01:44 by admin   No comments
A group of hackers going by the handle of TeamGhostShell has leaked more than 36 million accounts/records of internal data from several vulnerable networks in order to raise awareness about the poor security infrastructure implemented on MongoDB databases by their owners.

This data breach is very similar to past cases for example; lack of security on a database that contained sensitive information of 191 million citizens in the US. Another example is the Mackeeper website which didn’t implement basic security settings on the database. The past and current data breaches are all related to MongoDB servers.

The data was actually discovered by Hacked-DB‘s cyber security analysts Yogev Mizrahi and Oren Yaakobi who told HackRead that there are 110 IP addresses that were breached and to every IP there is a dedicated folder with the DB data, proof and general information. The data varies from server to server but reveals a lot of sensitive info such as username, password, full name, phone, address, 627,296 email addresses and more.

“Our system is designed to capture, parse and alert interesting data posted by hackers on the clear web and the darknet. We have a team of cyber analysts which verifies security incidents based on our alert system. Upon detection, we’ve started analyzing the data with our tools in order to provide in-depth analysis of the compromised data,” according to one of the representatives of Hacked-DB.

0 comments:

Post a comment