System Misconfiguration Exposes One Billion Global Identity Records

Cybernews researchers report they have discovered the unsecured MongoDB instance that was detected on November 11, 2025. The database exposed approximately one billion sensitive records across 26 countries, with the highest concentrations of data belonging to residents of the United States, Mexico, and the Philippines. The instance was secured shortly after receiving notification from the research team.

The incident was caused by a misconfigured database that lacked basic authentication, allowing anyone with the server's IP address to access nearly one terabyte of data. 

Researchers identified structured data, which is highly valuable for threat actors because it allows for the automation of large-scale fraud. The compromised data includes:

• National identification numbers
• Full names and home addresses
• Dates of birth and gender
• Phone numbers and email addresses
• Postal codes
• Telecom metadata
• Breach status and social profile annotations

The number of affected individuals is not clear. After reaction from researchers on November 11, 2025, the database was secured within 24 hours.