By default an AWS instance drops all incoming traffic apart from replies to an established connection that the instance itself initiated outbound (e.g. "Do I need updating? Okay, accept those incoming files then").

So in all these cases "someone" opened the MongoDB port to accept connections from any computer, rather than limiting connections to the application or the computers associated with it. Even with the security issues in an unpatched MongoDB, the only way this can have happened is that someone turned off at least part of the default firewall (the security group, as AWS calls it).

The scandal is not that this is happening, it's the inevitable consequence when some idiot does something stupid.
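To make the point above concrete, here is an added example (not from the original comment or from AWS) that checks security group rules the way an auditor would: it takes inbound rules in the shape that boto3's `ec2.describe_security_groups()` returns under `IpPermissions`, and flags any group that exposes the MongoDB port (TCP 27017) to `0.0.0.0/0` or `::/0`. The three sample groups, their IDs and CIDR ranges are constructed placeholders: `sg-weak` is the misconfiguration the comment describes, `sg-all-traffic` is the "all protocols to anyone" variant, and `sg-fixed` shows the same port reachable only from an application-tier security group via `UserIdGroupPairs`.

```python
"""Flag AWS security groups that expose MongoDB (TCP 27017) to the whole
internet. Added example, not part of the original comment. Input mirrors the
'IpPermissions' shape returned by boto3's describe_security_groups(); the
sample groups below are constructed, not real resources."""

MONGO_PORT = 27017
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}


def rule_covers_port(rule, port):
    """True if an IpPermissions entry admits TCP traffic on `port`.
    IpProtocol '-1' means every protocol and every port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def rule_open_to_world(rule):
    """True if any IPv4 or IPv6 range in the rule is the entire internet.
    Rules that only reference other security groups (UserIdGroupPairs)
    carry no CIDR and are therefore not world-open."""
    ranges = [r.get("CidrIp") for r in rule.get("IpRanges", [])]
    ranges += [r.get("CidrIpv6") for r in rule.get("Ipv6Ranges", [])]
    return any(c in WORLD_CIDRS for c in ranges)


def find_world_exposed(groups, port=MONGO_PORT):
    """Return GroupIds whose inbound rules expose `port` to 0.0.0.0/0 or ::/0."""
    exposed = []
    for sg in groups:
        for rule in sg.get("IpPermissions", []):
            if rule_covers_port(rule, port) and rule_open_to_world(rule):
                exposed.append(sg["GroupId"])
                break  # one offending rule is enough to flag the group
    return exposed


# Constructed sample data; group IDs and CIDRs are placeholders.
SAMPLE_GROUPS = [
    {   # the misconfiguration from the comment: MongoDB open to any computer
        "GroupId": "sg-weak",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
            {"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        ],
    },
    {   # "all traffic" rule: every port, including 27017, open over IPv6
        "GroupId": "sg-all-traffic",
        "IpPermissions": [
            {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ],
    },
    {   # corrected form: 27017 reachable only from the app tier's security group
        "GroupId": "sg-fixed",
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
             "IpRanges": [],
             "UserIdGroupPairs": [{"GroupId": "sg-app-tier"}]},
        ],
    },
]

if __name__ == "__main__":
    print("MongoDB exposed to the world:", find_world_exposed(SAMPLE_GROUPS))
```

Against a live account the same function can be fed `boto3.client("ec2").describe_security_groups()["SecurityGroups"]`; the `sg-fixed` pattern, a rule whose source is another security group rather than a CIDR, is the intended way to relax the default deny so that only the application instances can reach the database.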

