From the course: Cloud Security Considerations for the Healthcare Industry
Unlock the full course today
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Case Study: MongoDB
From the course: Cloud Security Considerations for the Healthcare Industry
Case Study: MongoDB
- [Instructor] In the second use case, cybersecurity expert Chris Vickery found data stored in an Amazon Web Services MongoDB database. It included personally identifiable information and voting records of 93 million Mexican voters to be at risk. This occurred because when the database was installed the default installation settings remained unchange. With that configuration, the database could be accessed without any authentication or access control when browsing the open MongoDB 27017 port. All data was open to manipulation by anyone. This situation led to a data breach, data loss, exposure of personally identifiable information and a loss of user credentials. The company spent hundreds of millions of dollars in audits, incident recovery, legal reimbursement and fines. Operational impacts included time and effort taken to restore files from backup data. This was also a violation of state and federal regulations in the United States, Business to business agreements and user privacy…