Independent security specialist Bob Dyachenko found a unprotected database running on MongoDB with more than 200 thousand scanned private documents on the server of the Abbyy company. Among them - contracts, nondisclosure agreements, corporate usernames and scrambled passwords. This is reported by Tech Crunch.
The researcher told the company about the problem in early August 2018, and it shut down the server. August 27, 2018 Abbyy confirmed the leak, but did not explain why the server was not protected by a password. According to its representatives, only one client was compromised.
The incident in question concerns one rather than several customers and files bearing commercial information. The customer has been duly notified and we are cooperating on corrective measures.
In May 2017, another MongoDB DB was leaked. The specialists found a huge database with 560 million pairs of e-mail-password values.