Over 13,000 iSCSI storage clusters are currently accessible via the internet after their respective owners forgot to enable authentication.

This misconfiguration has the risk of causing serious harm to devices' owners, as cyber-criminal groups could access these internet-accessible hard drives (storage disk arrays and NAS devices) to replace legitimate files with malware, insert backdoors inside backups, or steal company information stored on the unprotected devices.

The link for this article located at ZDNet is no longer available.