An unsecured MongoDB instance belonging to health insurance marketing website MedicareSupplement.com was discovered online last month containing as many as 5 million records. The data cache included personal information as well as health details. The database was uncovered on May 13 by researchers from Compariteh working with Bob Diachenko, a security professional experienced in locating unprotected sensitive data online. The researchers modified the configuration of the MongoDB server to protect the database, but site representatives did not reply back to them.
Source: https://www.bleepingcomputer.com/news/security/open-marketing-database-exposes-5-million-personal-records/