Hackers found a publicly accessible MongoDB instance and replaced the almost 1.2 million sensitive records it stored with a ransom note. The owner of the database is a bookseller in Mexico named Librer..a Porr..a. The hackers were quick to spot the database, which was completely unprotected; anyone with the right link could access its contents without any form of authentication. With no access protection to stop them, hackers were able to manage the contents with full privileges, security researcher Bob Diachenko says.
Source: https://www.bleepingcomputer.com/news/security/ransom-note-replaces-21m-customer-records-on-open-mongodb/