MongoDB recently confirmed that customer data had been exposed due to a cyberattack on its corporate systems. Upon detecting suspicious activity on December 13th, the company immediately began an investigation.
According to an email sent to MongoDB customers by Chief Information Security Officer (CISO) Lena Smart, unauthorized access to certain corporate systems of MongoDB exposed customer account metadata and contact information. The company found no evidence of data exposure in MongoDB Atlas.
Before the breach was discovered, the attacker had gained access to MongoDB’s systems for an extended time. This raises concerns about potential data theft. As part of its investigation into the incident, the company has urged all customers to take immediate security measures.
MongoDB recommends that all customers enable multi-factor authentication on their accounts and rotate their passwords regularly.
It has reported a surge in login attempts that are causing problems for customers trying to log in to Atlas and the Support Portal. The company has confirmed that this issue is separate from the data breach incident.
MongoDB has been investigating the issue, and it is expected that further information will be provided. The company has followed industry best practices in transparency and customer protection by informing proactively of the breach. To guarantee their account’s security, customers are also advised to comply with the company’s guidelines.