Ransom Note Replaces 2.1M Customer Records on Open MongoDB
Threat actors are holding 1.2 million sensitive files belonging to Mexican bookseller Librería Porrúa for ransom. On July 15, a security researcher discovered the records in an unprotected MongoDB database. Three days later, threat actors also stumbled upon the unsecured server and proceeded to replace all records in it with a ransom note demanding 0.05 BTC (around $500) for the data.
The compromised data includes customer names, email addresses, phone numbers, dates of birth and hashed payment card info.