Mongodb Security Breach: Customer Account Data Exposed in Investigation

Database management giant MongoDB says it’s investigating a security incident that has resulted in the exposure of some information about customers.

The New York-based MongoDB helps more than 46,000 companies, including Adobe, eBay, Verizon, and the U.K.’s Department for Work and Pensions, manage their databases and vast stores of data, according to its website.

In a notice published late on Friday, MongoDB said it was actively investigating a “security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information.”

MongoDB said it first detected suspicious activity on Wednesday but noted that “unauthorized access has been going on for some period of time before discovery.”

In an update published on Sunday, MongoDB said does not believe hackers accessed any customer data stored in MongoDB Atlas, the company’s hosted database offering.

But the company confirmed that it is “aware” that hackers accessed some of its corporate systems that contained customer names, phone numbers, email addresses, and other unspecified customer account metadata.

For one customer, this included system logs, MongoDB said. System logs can include information about the running of a database or its underlying system.

It’s not clear what technical evidence — such as its own logs — MongoDB has to detect malicious activity on its network.

MongoDB declined to say how many customers may be affected by the compromise of its corporate systems. It is not yet known how and when the company was compromised, which corporate systems were accessed, or whether it has notified the U.S. Securities and Exchange Commission.

MongoDB recommends that customers should remain vigilant for social engineering and phishing attacks, and activate phishing-resistant multi-factor authentication on their accounts, which the company does not require customers to use by default.

The company noted over the weekend that it was “experiencing a spike in login attempts resulting in issues for customers attempting to log in to Atlas and our Support Portal,” but said this was unrelated to the security incident.

Author photo
Publication date:
Author: admin