Ransomware attacks on poorly secured MongoDB installations have doubled in just a day. Hackers are accessing, copying and deleting unpatched or badly-configured MongoDB databases and then threatening administrators to ransom in exchange of the lost data. Administrators are strongly recommended to update MongoDB software to the latest release. The number of compromised systems have reached more than double to 27,000, over the course of about 12 hours, according to security researcher Niall Merrigan. In every case, the target MongoDB server had an administrator account that was configured without a password.
Source: https://thehackernews.com/2017/01/mongodb-database-security.html