Home MongoDB customer data exposed

MongoDB customer data exposed

Dec. 18th – Data management giant MongoDB works with over 46,000 enterprises, including Adobe, eBay, Verizon and the U.K.’s Department for Work and Pensions.

In the last day, MongoDB has shared that a breach in corporate systems exposed customer data, including metadata and contact information. For one customer alone, this included system log data. The company has found “no evidence” of other exposed logs.

“At this time, we are NOT aware of any exposure to the data that customers store in MongoDB Atlas,” said the company in a statement.

Available information

Internal experts believe that the hackers had access to systems for some time before they were observed. The company is pursuing an active investigation.

When reached for comment, MongoDB said that it had nothing further to share about the breach. However, it will post updates, as needed, on the MongoDB Alerts web page.

How to avoid fallout

MongoDB recommends that all customers enable multi-factor authentication on their accounts, change passwords, and remain vigilant when it comes to targeted phishing and social engineering threats.

An update to MongoDB’s initial announcement warned customers of “a spike in login attempts resulting in issues for customers attempting to log into Atlas and our Support Portal.” However, the issue is unrelated to the security incident. Customers have been instructed “try again in a few minutes” if issues logging in persist.

This is a developing story. For more information, click here.

To prevent data breaches, explore these resources

  • A CISO’s guide to security in action – click here
  • Get a Next Generation Firewall Buyer’s Guide – Prevent threats now
  • Check Point’s Quantum Data Loss Prevention (DLP) protects businesses from loss of valuable and sensitive information – Essential product info
  • Sign up for the CyberTalk.org newsletter – Here