I was about to check out the MongoDB University course and I found this article:
Yours was posted 13 May 2016…
Mine was posted yesterday
Still do the course.
Every database is hackable if you don’t set a username and password.
Hardly Mongo’s fault