Security Researcher Bob Diachenko a new large public database, in which, due to improper access settings of the MongoDB DBMS, information about 275 million inhabitants of India was exposed. The database includes information such as full name, email, phone number, date of birth, data on education and professional skills, employment history, information about current work and salary.
While it's not clear who owns the database, the problematic MongoDB instance is running in an Amazon AWS environment. The database was discovered on May 1 (it was indexed in Shodan on April 23). It is noteworthy that already on May 8, unknown attackers encrypted the available data and began to demand a ransom from the owner for decryption.
Source: opennet.ru