MongoDB Investigates Customer Account Data Breach

Database provider MongoDB has alerted customers to a data breach in which some account and contact information was compromised.

An email from MongoDB CISO, Lena Smart, sent to customers late last week was republished on X (formerly Twitter) by the vx-underground account.

“MongoDB is investigating a security incident involving unauthorized access to certain MongoDB corporate systems,” it explained. “This includes exposure of customer account metadata and contact information. At this time, we are not aware of any exposure to the data that customers store in MongoDB Atlas.”

The incident was detected on December 13 and Smart said the firm immediately activated its incident response processes.

“We are still conducting an active investigation and believe that this unauthorized access has been going on for some period of time before discovery,” she added.

Read more on MongoDB security threats: MongoDB Instance Leaks 200 Million Chinese CVs

In the meantime, customers were urged to monitor for phishing attempts using the stolen account or metadata to make them seem more convincing.

“If not already implemented, we urge all customers to activate phishing-resistant multi-factor authentication (MFA) and regularly rotate passwords,” Smart concluded.

A new update from the firm over the weekend said a spike in login attempts resulting in issues for customers attempting to access Atlas and its Support Portal was unrelated to this security incident.

Misconfigured MongoDB databases have been a common target for attack over the years, enabling opportunistic hackers to steal customer data and hold it to ransom. However, the firm itself has not suffered any major breaches in the recent past.

Image credit: rafapress / Shutterstock.com