Very recently, security researcher Bob Diachenko located an open and unprotected MongoDB instance which contained 202,730,434 “very detailed” records. The database was indexed in data search engines Binary Edge and Shodan, and was freely visible without a password or login. It included information like phone numbers, email addresses, driver licenses and salary expectations, and had been freely available to anyone who knew where to look for as long as three years. The reason was- an unsecured database.
The ownership of this database was not clear, but the records seem to contain data that was scraped from Chinese classifieds. This includes 58.com, China’s answer to Craigslist, though a 58.com spokesperson said that the records were not its creation, but their service had been the victim of scraping from a third-party.
It has now been secured, but the database was up and available for anyone who wanted to access it for three long years. This has been by all accounts, the largest data risk event in china, ever.