Abbyy Open Customer Database to be Found

The database without a password contained data on more than 200 000 customers
28 August 2018   514

Independent security specialist Bob Dyachenko found a unprotected database running on MongoDB with more than 200 thousand scanned private documents on the server of the Abbyy company. Among them - contracts, nondisclosure agreements, corporate usernames and scrambled passwords. This is reported by Tech Crunch.

The researcher told the company about the problem in early August 2018, and it shut down the server. August 27, 2018 Abbyy confirmed the leak, but did not explain why the server was not protected by a password. According to its representatives, only one client was compromised.

The incident in question concerns one rather than several customers and files bearing commercial information. The customer has been duly notified and we are cooperating on corrective measures.

Anna Ivanova-Galitsina

Spokeperson, Abbyy

In May 2017, another MongoDB DB was leaked. The specialists found a huge database with 560 million pairs of e-mail-password values.

MongoDB to Change Its Open-Source License

Main reason is the fact many companies uses MongoDB code to provide commercial services 
17 October 2018   694

MongoDB, an open source database management system developer, announced that their product will now be distributed under the Server Side Public License (SSPL). This decision was made because of the large number of providers that used MongoDB code to provide commercial services to customers. At the same time, the creators of the instrument themselves did not receive any deductions.

As the developers claim, for ordinary users working with the public server, nothing will change, the restrictions of the new license will not affect them. However, providers wishing to use the source code of the system to create their own commercial services will either have to purchase a commercial license or provide the community with access to the source code of their development.

The Server Side Public License is not much different from the GNU AGPLv3, under which MongoDB was distributed earlier. A standard developed by database creators affects the SaaS (Software-as-a-Service) distribution model, which has recently become popular. Eliot Horowitz, co-founder of the company, believes that using the new license will help protect and inspire even more open source developers.

Eliot Horowitz said he and his colleagues had a choice. They could make their product completely closed or transfer key files under a closed license. However, the leadership of MongoDB decided that open source makes it possible to create better and safer software, and the use of different licenses in one product prevents the integrity of its perception. As a result, it was decided to create a new type of license.

In this approach, however, there may be opponents. MongoDB is a commercial organization, and, despite an open license, works for profit. Some adherents of Open Source believe that such actions are contrary to the very concept of open source software.

The Open Source Initiative already has a number of different licenses for open source software. However, technology does not stand still, and SSPL may be in demand among developers.