"Thousands of MongoDB Databases Ransacked, Held For Ransom"

Attacks that involve infiltrating and holding cloud databases for ransom have been around since at least 2016. Security researchers at GDI Foundation have discovered that an unknown cybercriminal has infiltrated 22,900 unsecured MongoDB databases.  The adversary then wipes their contents and then leaves behind a ransom note demanding bitcoin in return for the data.  The adversary warns that if the ransom is not paid within two days, they will notify authorities in charge of enforcing the European Union's General Data Protection Regulation (GDPR).  The adversary asks for 0.015 bitcoins (about $140) to return the data.  

WeLiveSecurity reports: "Thousands of MongoDB Databases Ransacked, Held For Ransom"