An interesting story has run on exposed databases.
According to a story in Infosecurity Magazine, a US education non-profit, the Institute of International Education (IIE) has unwittingly leaked the personal information of thousands of students after leaving two online MongoDB databases exposed.
The database contained links with active access token to documents stored elsewhere. These links were to passport scans, application forms, visas, emails as well as other documents. If either database was accessed it could provide a treasure trove of sensitive information for use in follow-on fraud.