A flood of attacks are targeting unsecured MongoDB servers and wiping their databases. Left behind are notes demanding a ransom payment, or the data will be leaked, and the owners reported for GDPR violations. Victor Gevers, the chairman of the non-profit GDI Foundation, is tracking the attacks. He says the ransom amount is small at $135.55 and the worry of GDPR violation may cause some people to pay for valuable data. Gevers does not think the data was backed up before being wiped.
Source: https://www.bleepingcomputer.com/news/security/surge-of-mongodb-ransom-attacks-use-gdpr-as-extortion-leverage/