"Over 300,000 Internet-Exposed Databases Identified in 2021"

Group-IB discovered over 91,000 publicly-exposed databases in the first quarter of 2022, which is significantly more than that of 2021. In 2021, the cybersecurity firm identified a total of 308,000 exposed databases, with over 165,000 discovered in the second half of the year. Most of the publicly-exposed databases were found to be using the Redis database management system, followed by MongoDB and Elastic. Group-IB emphasizes that improperly inventoried Internet-facing assets such as databases could be abused in the launch of cyberattacks, which could lead to costly data breaches. Last year, IBM discovered that the average cost of a data breach exceeded $4.2 million during the pandemic, a 10 percent increase from the previous year. In addition, the average time to identify and address a data breach had also increased to 287 days. Although the number of exposed databases has increased, the average amount of time it takes for a database owner to fix the issue is still the same as a year ago, at 170 days. This article continues to discuss the increase in the number of exposed databases, the potential impact of such exposure, and how to improve database security.  

Security Week reports "Over 300,000 Internet-Exposed Databases Identified in 2021"