Database administration big MongoDB says it’s investigating a safety incident that led to some details about prospects being uncovered.
New York-based MongoDB helps greater than 46,000 corporations, together with Adobe, eBay, Verizon and the UK Division for Work and Pensions, handle their databases and massive knowledge shops, based on its web site. The corporate’s choices embrace the open supply, self-hosted MongoDB database and the Atlas database providing as a service.
In a discover revealed late Friday, MongoDB mentioned it was actively investigating “a safety incident involving unauthorized entry to sure MongoDB company programs, which included the disclosure of buyer account metadata and make contact with info.”
MongoDB mentioned it first detected suspicious exercise on Wednesday however famous that “unauthorized entry had been ongoing for a while earlier than it was found.” It’s unknown how lengthy the hackers had entry to MongoDB programs. MongoDB CISO Lena Good declined to elaborate when requested by TechCrunch.
In an replace posted on Sunday, MongoDB mentioned it didn’t consider hackers had entry to any buyer knowledge saved in MongoDB Atlas, the corporate’s hosted database providing.
However the firm confirmed that it’s “conscious” that hackers have been in a position to entry a number of the firm’s programs that include buyer names, cellphone numbers, electronic mail addresses and different non-specific metadata for buyer accounts.
For one buyer, this included system logs, MongoDB mentioned. System logs can embrace details about the operation of the database or its platform. CISO Good mentioned that this buyer had been notified, and that it had “discovered no proof of entry to different prospects’ system logs.”
It is not clear what technical proof — resembling its personal logs — MongoDB has to detect malicious exercise on its community.
MongoDB declined to specify what number of prospects is likely to be affected by the breach of its company programs. It’s not but recognized how and when the corporate was hacked, what firm programs have been accessed, or whether or not it notified the US Securities and Trade Fee. As of December 18, organizations should disclose “materials” cybersecurity incidents to the regulator inside 4 days of their discovery.
MongoDB recommends that prospects stay vigilant about social engineering and phishing assaults, and activate phishing-resistant multi-factor authentication on their accounts, which the corporate doesn’t require prospects to make use of by default.
The corporate famous over the weekend that it was “experiencing a major spike in login makes an attempt leading to points for patrons attempting to log in to Atlas and our assist portal,” however mentioned this was unrelated to the safety incident.