500,000 Exposed Databases on the Internet

This is just dumb.  David Litchfield of  has determined there are approximately 500,000 exposed database servers on the Internet, without firewall protection (via computerworld.com).  He’s not talking about the little MySQL databases we use for web content; we’re talking about the big MS SQL and Oracle DBs that corporations use to hold onto stuff like your credit card info, order history, medical data, etc.

With no firewall, databases are exposed to hackers, putting corporate data at risk. Litchfield said that, given the amount of press generated by corporate data breaches over the past two years, it’s amazing to find that there are more databases exposed than ever before.

“It’s terrible,” he said in an interview. “We all run around like headless chickens following these data breach headlines… organisations out there really don’t care. Why are all these sites hanging out there without the protection of a firewall?”

If you run a company, are an IT manager, etc., now is the time for an impromptu security audit.  Really…

