The large MongoDB database revealed about 275 million records containing detailed personal information of Indian citizens, which has not been protected by the network for more than two weeks.
Security researcher Bob Diachenko found that the leaked data included information such as name, gender, date of birth, e-mail, mobile phone number, education level, professional information (employer, work experience, skills, functional areas), and current salary. However, no information has been found about the owner. In addition, the name of the data collection stored in the database indicates that collecting the entire resume cache is part of an “as part of a massive scraping operation” whose purpose is unknown.
Diachenko immediately notified the Indian CERT (Computer Security Emergency Response Team) team, but the database remains open and searchable. Until yesterday, May 8, the database was deleted by a hacker organization called “Unistellar”, and Diachenko found the following message: