In common with most ransomware attacks, hackers are demanding payment in Bitcoin. The attacks were brought to the public's attention by ethical hacker and security researcher Victor Gevers. Gevers said the attacks started before Christmas, but have significantly increased in volume in the past few weeks.
Hackers use automated scanning tools to search the web for signs of insecure or improperly configured MongoDB systems, he said.
Rob Sobers, director at Varonis, said the incident underlined the risk to businesses if they don't ensure all systems in use remain patched and up-to-date: "Organisations that run web-facing systems are in for a world of hurt if they aren't maniacal about patch management. Ransomware allows attackers to indiscriminately scan for vulnerable systems and encrypt data en masse, yielding a small fortune in bitcoins," he said.
"MongoDB is not unique—OpenSSL, Apache, MySQL, Linux, etc. have all had their fair share of security. We've seen hackers exploit WordPress vulnerabilities that were patched more than 10 years ago. The problem of overexposed data goes behind the public Internet, too. We see the same exact problem behind the corporate firewall.
"It's not uncommon to find hundreds of thousands of sensitive folders with highly sensitive data exposed to every user on the network within the first few minutes of a risk assessment."
Ilia Kolochenko, CEO of web security company High-Tech Bridge, added that the firm has been aware of this growing threat and that it is clearly now expanding in scope.
"As we can see now, our predictions were right due to a very high economic attractiveness of the attack - victims almost always pay, as it's less expensive than recovering the data. Inevitably, these types of attacks will continue growing in the near future," he said.
"There is nothing in particular companies can do to prevent these attacks, but to maintain an accurate inventory of their digital assets, keep their systems secure and up to date, as well as to implement continuous security monitoring."
At the end of June 2016 MongoDB unveiled its cloud-based NoSQL database-as-a-service offering.