The number of insecure MongoDB databases being hijacked by criminals is growing, according to experts who say attacks that began last week are now targeting more valuable assets.
Since identifying attacks against MongoDB installations on Dec. 27, Victor Gevers, an ethical hacker and founder of GDI Foundation, said the number of hijacked databases has climbed sharply. Last week, Gevers reported only a handful of instances of MongoDB attacks. The number of reported attacks has swelled to more than 2,000. MongoDB is a popular NoSQL database used in big data and heavy analytics environments.
Romanian hacker GhostShell today leaked a collection of database dumps, which he claims he obtained from 110 misconfigured MongoDB servers. The hacker said that, by his rough estimates, there are around 36 million user records included in the leaks, among which 3.6 million also contain passwords.
The hacker has announced the data leak on Twitter and posted a link to a PasteBin URL where users can find a statement regarding the reasons behind the hack, screenshots from all the hacked servers, and various links from where users can download the data. The hacker says that he only used simple scanners like Shodan to discover these databases.
The personal information of more than 93.4 million Mexican voters was exposed this week in a massive data breach. A leaky database, which was not password-protected, is said to contain Mexican citizens’ names, addresses, dates of birth, as well as occupations and the names of the voters’ parents.
The database was reportedly downloaded to an Amazon server by an unknown party, according to noted MacKeeper Security Researcher Chris Vickery. Notification of the breach was temporarily withheld while Mexican authorities investigated.
Security researchers sound alarm on "very serious" privacy problem. There are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing.
Combined they expose 684.8 terabytes of data to potential theft. This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices. Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances.