MongoDB, the database management company, says it is investigating a security breach that exposed some client information.
According to its website, New York-based MongoDB assists over 46,000 firms, including Adobe, eBay, Verizon, and the United Kingdom’s Department for Work and Pensions, in managing their databases and large collections of data. The company’s solutions include the self-hosted open-source database MongoDB and the database-as-a-service Atlas.
MongoDB said in a late-Saturday warning that it was actively investigating a “security incident involving unauthorized access to certain MongoDB corporate systems, which includes the exposure of customer account metadata and contact information.”
MongoDB claimed it discovered suspicious behavior on Wednesday, but that “unauthorized access had been going on for some time prior to discovery.” It’s unclear how long hackers had access to MongoDB’s servers. Lena Smart, the CISO of MongoDB, declined to comment when Eltrys questioned her.
In a Sunday update, MongoDB said that it did not think hackers gained access to any customer data contained in MongoDB Atlas, the company’s hosted database product.
However, the corporation said that it is “aware” that hackers gained access to certain of its corporate systems, including customer names, phone numbers, email addresses, and other unidentified customer account details.
According to MongoDB, this includes system logs for one client. System logs may include information about how a database or its underlying system is operating. According to CISO Smart, this client was alerted, and the company “found no evidence that any other customers’ system logs were accessed.”
It’s unclear what technological proof MongoDB has to identify malicious activities on its network, such as its own logs.
MongoDB declines to say how many customers the breach of its corporate infrastructure may have affected. It is unclear how and when the corporation was hacked, whether internal systems were accessed, or if the company contacted the US Securities and Exchange Commission. As of December 18, firms must notify the regulator of “material” cybersecurity problems within four days of discovery.
MongoDB advises users to be on the lookout for social engineering and phishing assaults and to enable phishing-resistant multi-factor authentication on their accounts, which the business does not require by default.
Over the weekend, the firm said that it was “experiencing a spike in login attempts resulting in issues for customers attempting to log in to Atlas and our Support Portal,” but stated that this was unconnected to the security breach.
