american express hackenproof

On 23rd October I discovered an unprotected Mongo DB which allowed millions of records to be viewed, edited and accessed by anybody who might have discovered this vulnerability.  The records appeared to be from an American Express branch in India.

https://blog.hackenproof.com/industry-news/inside-american-express-india-storage-exposure/