MacKeeper security researcher Chris Vickery, the scourge of all companies that run unprotected MongoDB databases, revealed yesterday another case of such server, this time exposing sensitive data from energy sector giant Pacific Gas and Electric (PG&E).
Vickery says that, sometime last week, he discovered a MongoDB server exposed to the Internet with no administrator account password.
A further investigation revealed to him that the server belonged to PG&E, and the data contained inside was typical for asset management systems, central hubs where network and system administrators keep a central repository of information about hardware equipment and software programs.
Original Source: Softpedia
View the full story here