08-03-2025, 01:16 PM
In August 2016, the Swiss scholarly open access publisher known as MDPI had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses. MDPI have confirmed that the system has since been protected and that no data of a sensitive nature was impacted. As such, they concluded that notification to their subscribers was not necessary due to the fact that all their authors and reviewers are available online on their website.
https://haveibeenpwned.com/Breach/MDPI
https://haveibeenpwned.com/Breach/MDPI