Pierluigi Paganini
December 17, 2023
MongoDB on Saturday disclosed it is investigating a cyber attack against certain corporate systems.
MongoDB is a US company that developed the popular open-source NoSQL database management system.
The cyber attack was discovered on December 13, 2023, and led to the exposure of customer account metadata and contact information. The American company promptly started its incident response plan and pointed out that it is not aware of any data exposure.
“MongoDB is actively investigating a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information. We detected suspicious activity on Wednesday (Dec. 13th, 2023) evening US Eastern Standard Time, immediately activated our incident response process, and believe that this unauthorized access has been going on for some period of time before discovery.” reads the alert published by the company.” At this time, we are not aware of any exposure to the data that customers store in MongoDB Atlas.”
The US firm urges customers to be vigilant for social engineering and phishing attacks. The company also recommends active multi-factor authentication (MFA), and regularly rotate their MongoDB Atlas passwords.
MongoDB compromised pic.twitter.com/AhU5VdsEud
— vx-underground (@vxunderground) December 16, 2023
At this time it is still unclear how long threat actors maintained access to the compromised systems.
In an update provided by the company on December 16, MongoDB disclosed it is experiencing a spike in login attempts resulting in issues for customers attempting to log in to Atlas and our Support Portal. However, the company states that the activity is not related to the security incident.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
