MANILA, Philippines – A week after a security researcher Bob Diachenko disclosed the discovery of an exposed MongoDB database holding more than 275 million records with Indian citizens’ personal identifiable information (PII), a hacking group took the data and held it for apparent ransom.

The database contained the following PII for the 275,265,298 records.

• Name
• Email
• Gender
• Education level and area of speciazliation
• Professional skills / functional area
• Mobile phone number
• Employment history and current employer
• Date of birth
• Current salary

Diachenko made the disclosure on May 1 (May 2, Philippine time) and also told Indian CERT (Computer Emergency Response Team) about the unprotected database.

Despite informing CERT in India, Diachenko said in a blog post the database remained exposed till May 8.

A hacking group known as Unistellar wiped the content and basically left a message where discussions could be held to retrieve the data.

Diachenko was unable to find out who organized the database, but said, “The structure and names of the collections in the database hinted that data was likely collected by [an] anonymous person or organization as part of a massive scraping operation.”  – Rappler.com