Back to Radar
MD

MDPI

Medium

MDPI's MongoDB breach exposed non-sensitive email exchanges (845k unique emails).

Records exposed
845,012 records
Breach date
Breach Aug 30, 2016
Last update
Updated Mar 25, 2018
Source

What data was exposed?

Fields reported as compromised in this breach record.

Email addressesEmail messagesIP addressesNames

Why does this breach matter?

In-depth analysis of the breach and its implications.

In August 2016, the Swiss scholarly open-access publisher MDPI experienced a data breach where 17.5 GB of information from an exposed MongoDB database instance was extracted. This dataset included email correspondences involving MDPI's authors and reviewers, revealing email addresses, IP addresses, names, and contents of email messages. MDPI confirmed that the system has since been secured, and noted that the breached data primarily encompassed publicly accessible author and reviewer details, determining subscriber notifications to be unnecessary.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Users' publicly available professional correspondence was exposed.
Business Impact
MDPI faced a minor reputational risk and implemented immediate cybersecurity protocol improvements.
Affected Sectors
  • Publishing
Geographic Impact
  • Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Verify whether your professional correspondence content adhered to organizational policies.
  • Monitor your email for targeted phishing attempts.

Preventive Measures

  • Ensure that all database instances are properly secured and kept updated.
  • Establish regular audits to detect unprotected services quickly.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Email addresses, email content, names, and IP addresses of individuals associated with MDPI.