Once again, a data leak is tied to the poor security of a MongoDB implementation
The Dalil Caller ID app, developed in Saudi Arabia, has been leaking its users' information because of its MongoDB implementation, according to specialists in network security and ethical hacking from the International Institute of Cyber Security.
More than 5 million records have been exposed online for about ten days. The database was discovered by a team of network security experts, who tried to contact the company about the incident, although this has proved complicated.
“This app is mainly used by people from Saudi Arabia, Egypt, Palestine and Israel. The reason for the exposure is that the implementation of MongoDB did not have a password”, the experts in network security mention.
The exposed database contains several personal details of the app's users, for example:
- Email address
- Gender
- Users’ device model
- Activity logs
- Operating system version
- IMEI Key
Malicious actors could easily trace the location of a device using the leaked information and, because the application is directly linked to the compromised database, users are advised to reduce their dependence on the app.
According to reports, the database contains around 580GB of information and receives about 210,000 new records daily. An unidentified malicious actor has already been detected who encrypted a portion of the information with malware. The ransom note left by the attacker was found later, although apparently the developers of the application had not even seen it.