An article by author, Jessica Davis, of HIMSS Media, in yesterday's (9/5/2017) edition of Healthcare IT News, entitled, "Hackers are ransoming 26,000 unsecured MongoDB databases, security researchers find", alerts readers about specific ransomware attacks throughout the end of last year "into early 2017". These have been "targeting MongoDB databases, hijacking 26,000 open servers and asking for a ransom to release the data," the article states, quoting, "security researcher Victor Gevers, chairman of the GDI Foundation."
Among the attacks cited, "MacKeeper Security Research Center discovered a misconfigured MongoDB database that contained data from over 200,000 patients and other sensitive information on Dec. 30, 2016. On Jan. 3, the firm confirmed this data was linked to Emory Brain Health Center." The article continues: "And tens of thousands -- and possibly millions -- of Bronx-Lebanon Hospital Center’s patient records were exposed in a breach, due to a misconfigured rsync backup by its vendor. The database was located on a MongoDB server."
(Copyright © 2017 Healthcare IT News is a publication of HIMSS Media)
Derive Healthcare, the dedicated healthcare solutions practice of Derive Technologies, has been monitoring this threat and the news from MongoDB, which, as the article states, "sent an advisory that explained how users should use security to prevent these types of breaches." The article, and Derive, have learned, however that many users did not receive the notifications, or have not secured their databases from these malware threats.
Please contact Derive Healthcare to learn more about the cyberdefense planning, implementation and support solutions offered by the company. You may reach a specialist by calling (212) 363-1111, or by completing the form on this page (please include "Derive Healthcare Cyberdefense" in the form's comments).