Erxes.io

An open MongoDB database belonging to Erxes, an open-source experience operating system, was discovered exposed to the public internet without password protection. The misconfiguration led to the exposure of sensitive internal and client data. The incident was identified by security researchers who found that the database contained millions of records including customer interactions, internal logs, and organizational metadata. This exposure posed a significant risk as the data could be harvested by unauthorized third parties for phishing or corporate espionage. The leak highlights the dangers of improperly secured cloud databases and the importance of implementing strict access controls for open source SaaS platforms.