Published on June 28th, 2019 📆 | 8131 Views ⚑0
5M records exposed by misconfigured MedicareSupplement.com MongoDB
A MedicareSupplment.com MongoDB containing more than five million records was found open to the public containing a wide range of PII.
The records were found by the security firm Comparitech and researcher
Bob Diachenko on May 13 containing first and last name, full address, IP
address, email address, date of birth, gender and marketing-related
information. Additionally, 239,000 of the records also contained the type or
area of insurance the person was interested in life, auto, medical, and
The database itself was indexed for the first time by the
BinaryEdge public search engine, Comparitech wrote.
The company and Diachenko informed the company of the issue,
access was quickly disabled and proper security precautions put in place.
At this time it is not believed any information was removed
from the database. However, that does not mean the people in the database will
not be negatively impacted in the future.
“The people whose information was exposed, particularly
those whose records included insurance interest area, could be at risk of spam,
targeted phishing, and fraud,” the report said.