In November 2017, MongoDB introduced a default binding to localhost in version 3.6 so that MongoDB ports would no longer be exposed by default. Even so, MongoDB instances are still discovered left open and unprotected. When companies tout security as a main feature, this can be quite embarrassing and damaging.


Although the 200GB database didn't include passwords or financial information, it did contain other PII that bad actors can piece together for spamming, spear-phishing, social engineering, identity theft (synthetic identities) or other nefarious attacks. 

Companies need not only to fully secure their perimeter but also to invest in an outside-in approach, so that they receive early notifications when domains, identity records and credentials are exposed.