34,503 MongoDB Servers Hacked and Held for Ransom

Over the past couple of weeks, 34,503 MongoDB servers have been hacked and held for ransom. Several hacking groups have been attacking public-facing MongoDB servers that have accidentally left the administrator password blank. Hackers have been deleting all of the data in the databases and leaving a ransom note behind demanding between $150 and $500 in bitcoin.

This is yet another case of bad administration. Putting a password on the administrator account is basic knowledge. If you’re a DBA at a company that was affected by this, it’s time to hand in your resignation and take up knitting.

Source: 30,000 MongoDB Servers Hacked and Held for Ransom via Geek Sexy News