MongoDB says hackers accessed corporate systems containing customer info

Jason Macuray
Hackers infiltrated the systems of billion-dollar software giant MongoDB and accessed customer information during a recent cybersecurity incident, the company said over the weekend.

Hackers infiltrated the systems of billion-dollar software giant MongoDB and accessed customer information during a recent cybersecurity incident, the company said over the weekend.

MongoDB is “aware of unauthorized access to some corporate systems that contain customer names, phone numbers, and email addresses among other customer account metadata, including system logs for one customer,” it said in a notice on Sunday.

“We have notified the affected customer. At this time, we have found no evidence that any other customers’ system logs were accessed,” the company added.

MongoDB is one of the largest database software companies currently operating, reporting $1.2 billion in revenue this year.

The Sunday notice came after the company published a warning on Saturday afternoon that it was investigating “a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information.”

They sent an email to customers explaining that the incident began on Wednesday night when they detected suspicious activity, warning that the “unauthorized access has been going on for some period of time before discovery.”

Customers, they added, should be wary of social engineering and phishing attacks. In an update released about two hours later, MongoDB noted that it was experiencing a spike in login attempts that was causing issues for customers trying to login.

On Sunday, the company said it “found no evidence” that the hackers accessed MongoDB Atlas — an integrated suite of data services centered around a cloud database. They also said the intrusion was not the result of any security vulnerabilities in MongoDB products but did not say how the hackers got into their systems.

“We are continuing with our investigation, and are working with relevant authorities and forensic firms,” they said.

BriefsCybercrimeTechnology
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Apparel giant VF reports cyberattack on first day of SEC disclosure rule

Next Post

Alleged LockBit operator to face new cybercrime charges in Canada

Related Posts

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Avatar
Read More