MongoDB Confirms Hack, Says Customer Data Stolen

18.12.2023

MongoDB Discloses Cybersecurity Breach: Customer Data Compromised

In a recent revelation, New York-based database software company MongoDB has reported a malicious cyberattack on its corporate systems. The breach included the unauthorized access and theft of customer account metadata and contact information.

The company issued a concise statement over the weekend, disclosing that it detected “suspicious activity” on its network on December 13th. Subsequent investigations confirmed that hackers had infiltrated MongoDB’s systems, remaining undetected for a certain period before discovery.

Despite not providing detailed information about the nature of the compromise, MongoDB’s Chief Information Security Officer, Lena Smart, assured customers in an official notice that there is no indication of exposure to data stored in the MongoDB Atlas product.

Smart emphasized, “Nevertheless, we recommend customers to exercise vigilance against potential social engineering and phishing attacks. We advise the activation of phishing-resistant multi-factor authentication (MFA) and regular password updates for MongoDB Atlas accounts.”

The company’s disclosure serves as a reminder of the ongoing cybersecurity challenges faced by technology firms, prompting heightened security measures across the industry.