A huge MongoDB database containing detailed CVs for over 202 million individuals has been found exposed online.
The unprotected MongoDB instance was found via a simple BinaryEdge or Shodan search and was left without any password protection, according to Bob Diachenko, director of cyber risk research at Hacken.io and HackenProof.
The 854GB trove contained data on 202.7m Chinese job-seekers including “personal info, such as mobile phone number, email, marriage, children, politics, height, weight, driver license, literacy level, salary expectations and more.” Such information could be used to good effect in follow-on phishing attacks.
By Phil Muncaster
To read the full article click here.