Petabytes of data are being left exposed online

Best cloud databases
(Image credit: Pixabay)
Audio player loading…

Security researchers from CyberNews (opens in new tab) have discovered more than 29,000 unsecured databases worldwide that are exposing over 19 petabytes (19,000 TB) of data online.

To conduct its latest investigation, the news outlet used a specialized search engine capable of scanning for open Hadoop, MongoDB and Elasticsearch databases. It's worth noting though that CyberNews didn't count any databases with default credentials (opens in new tab) enabled, so the number of unprotected databases online is actually significantly higher.

Of the databases discovered in CyberNews' search, Hadoop instances exposed the most data with almost 19PB easily accessible to cybercriminals or anyone for that matter followed by Elasticsearch with 143.8TB and MongoDB with just 6.5TB. However, when it comes to the number of exposed databases, Elasticsearch (opens in new tab) took the top spot with 19,814 instances without any kind of authentication in place.

In terms of which countries have the most exposed databases, China tops the list with 12,943 instances overall while the US comes in second with 4,512 instances followed by Germany with just 1,479 unprotected instances.

Exposed databases

Last year an unknown group of cybercriminals launched a series of attacks on unsecured databases without any explanation or even a ransom demand. These so-called 'meow attacks (opens in new tab)' wiped all of the data stored on these servers and left database owners with just an empty folder filled with files named 'meow'.

Surprisingly during its recent investigation, CyberNews found 59 databases that were still not protected even after they were hit by meow attacks last year. Security researcher at the news outlet Mantas Sasnauskas provided further insight on the importance of properly securing online databases in a new report (opens in new tab), saying:

“Anyone can look for these unprotected clusters by using IoT search engines to effortlessly identify those that don’t have authentication enabled and exploit them by stealing the data, holding them ransom, or, as was the case with the ‘Meow’ attack, simply destroy valuable information for fun, wiping billions of records and crippling both business and personal projects in the process.” 

Database owners can prevent their data from being stolen by enabling authentication, enabling encryption or using a VPN (opens in new tab) and by keeping their database software up to date. Once authentication is enabled, they should also protect their database with a complex and unique password which can be done by either using a password generator (opens in new tab) or a password manager (opens in new tab).

Via CyberNews (opens in new tab)

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.