The Dark Side of Technology: My Database Was Hacked!! — What Can You Learn From This?

Prawira G.
Jun 7, 2020

I would like to share my expensive lesson: my MongoDB on DigitalOcean (cloud infrastructure) was hacked and deleted, and I was blackmailed to pay bitcoin to retrieve my data. Please read this to the end, because I don't want you to experience what I did. This is how the story goes…

BACKGROUND

I am a tech enthusiast and software developer. As such, I subscribed to numerous cloud infrastructure service providers to host my application and database. One of the servers that I subscribed to is DigitalOcean's Ubuntu server. On the server, I run numerous back-end APIs that require the use of a database, and I use a non-relational database called MongoDB.

MY MISTAKE

To ease the testing of my API, I actually opened the firewall to the port that my MongoDB runs on, 27017, and THIS IS THE BIGGEST MISTAKE.
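A defender-side check for the mistake described above, as an added example that is not code from the original post: it scans `ufw status` output for rules that admit any source address to TCP port 27017. It assumes the firewall is managed with `ufw` (the post does not say which firewall was used); the sample output and the function names are constructed for illustration.

```python
import re

MONGO_PORT = 27017  # the port named in the post

# Constructed `ufw status` output (not from the post); 203.0.113.10 is a documentation address.
SAMPLE_UFW_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
27017                      ALLOW       Anywhere
27017/tcp                  ALLOW       203.0.113.10
27000:27100/tcp            ALLOW       Anywhere
27017 (v6)                 ALLOW       Anywhere (v6)
27017/udp                  ALLOW       Anywhere
5432/tcp                   DENY        Anywhere
"""

# One rule line: "To" value, an admitting action, then the source column.
RULE = re.compile(r"^(?P<to>\S+)(?: \(v6\))?\s+(?P<action>ALLOW|LIMIT)(?: IN)?\s+(?P<src>.+?)\s*$")

def covers_port(to_field, port):
    """True if a ufw 'To' value (port, list or range, optional /proto) includes TCP `port`."""
    spec, _, proto = to_field.partition("/")
    if proto not in ("", "tcp"):
        return False  # MongoDB listens on TCP, so UDP-only rules are not an exposure
    for part in spec.split(","):
        lo, _, hi = part.partition(":")
        if lo.isdigit() and (hi.isdigit() or not hi):
            if int(lo) <= port <= int(hi or lo):
                return True
    return False

def exposed_rules(status_text, port=MONGO_PORT):
    """Return the rule lines that admit traffic to `port` from any source address."""
    findings = []
    for line in status_text.splitlines():
        m = RULE.match(line)
        if m and covers_port(m["to"], port) and m["src"].startswith("Anywhere"):
            findings.append(line.strip())
    return findings

if __name__ == "__main__":
    for rule in exposed_rules(SAMPLE_UFW_STATUS):
        print("world-reachable MongoDB port:", rule)
```

On a real host the input would be the output of `sudo ufw status`. An empty result only speaks for ufw, not for any cloud firewall or other packet filter in front of the server.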

WHAT HAPPENED

(After not using the application for two days, I tried to log in and it failed.)
I realized that things weren't right, because no one should have access to delete a user other than by "hacking into my database directly". As such, I went to dig through the MongoDB logs on my DigitalOcean server, and this is the first thing I found…
