MongoDB instances are being hit in data extortion attacks, so make sure you're protected

• Over 200,000 MongoDB servers misconfigured, 3,000 exposed without passwords
• Hackers wiped databases, left ransom notes demanding bitcoin payments
• Many servers run outdated versions, vulnerable to DoS and persistent access

If you’re running a MongoDB instance, you might want to double-check your configuration, as experts have flagged hackers are looking to extort you for money.

Security researchers Flare have reported finding more than 200,000 misconfigured MongoDB servers whose data is available to anyone who knows where to look. Roughly half of those are exposing operational information, and approximately 3,000 can be accessed without a password.

Of those that can be easily accessed, at least half were already broken into, since their contents were wiped. An unnamed threat actor left a ransom note, demanding $0.005 in bitcoin ($387 at press time). It is possible that among the other half ...