MongoDB Suffers Security Breach, Exposing Customer Data

News

Dec 17, 2023NewsroomCyber Attack / Data Security

MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information.

The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response efforts.

It further noted that “this unauthorized access has been going on for some period of time before discovery,” but emphasized it’s not “aware of any exposure to the data that customers store in MongoDB Atlas.” It did not disclose the exact time period of the compromise.

In light of the breach, MongoDB recommends that all customers be on the lookout for social engineering and phishing attacks, enforce phishing-resistant multi-factor authentication (MFA), as well as rotate their MongoDB Atlas passwords.

Cybersecurity

That’s not all. The company said it’s also experiencing elevated login attempts that are causing issues for customers attempting to log in to Atlas and its Support Portal. It, however, said the problem is unrelated to the security event.

When reached for comment, MongoDB told The Hacker News that the incident is a matter of ongoing investigation and that it will “provide updates as soon as we can.”

(This is a developing story. Please check back for more updates.)

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
Sophisticated TA397 Malware Targets Turkish Defense Sector
US Government Issues Cloud Security Requirements for Federal Agencies

Leave a Reply

Your email address will not be published. Required fields are marked *