Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week.
The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an American server hosting company.
In total, the database contained 202,730,434 records about job candidates from China, including candidates’ personal information such as their full name, date of birth, phone number, email address, marriage status, and driver’s license information, along with their professional experience and job expectations.
Bob Diachenko, director of cyber risk research at Hacken.io and bug bounty platform HackenProof, discovered the existence of database two weeks ago, which had been secured shortly after his notification on Twitter.
images from Hacker News