MongoDB disclosed on Saturday that it is actively investigating a security incident that led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and information on contact
The American database software company SAYS it first detected anomalous activity on December 13, 2023, and that it immediately activated efforts to respond to the incident.
It further noted that “this unauthorized access continued for some period of time before being discovered,” but emphasized that it was not “aware of any exposure to data stored by MongoDB Atlas customers. ” It did not disclose the exact time period of the compromise.
Due to the breach, MongoDB recommends that all customers watch out for social engineering and phishing attacks, implement phishing-resistant multi-factor authentication (MFA), as well as rotate their passwords to MongoDB Atlas.
That’s not all. The company said it also experienced high login attempts that caused issues for customers trying to log in to Atlas and our Support Portal. However, it said the problem was not related to security activity.
Hacker News has reached out to MongoDB for additional comments, and we’ll update the story when we hear back.
(This is a developing story. Please check back for more updates.)