In an email to customers, MongoDB CISO Lena Smart stated that the hackers gained unauthorized access to certain corporate systems, including customer account metadata and contact information. However, the company emphasized that there is no evidence to suggest that any customer data stored in MongoDB Atlas was compromised.
The investigation revealed that the threat actors had access to MongoDB’s systems for some time before they were discovered. This is a common occurrence in data breaches, as threat actors often seek to establish persistent access to systems to exfiltrate sensitive information.
In response to the breach, MongoDB advises its customers to take precautionary measures, such as enabling multi-factor authentication on their accounts, regularly rotating passwords, and staying vigilant against potential targeted phishing and social engineering attacks.
When queried about the breach, MongoDB stated that the investigation is ongoing, providing no additional information at this time. The company commits to keeping customers informed about developments related to the incident through updates on the MongoDB Alerts web page, which is typically used for communicating information about outages and other incidents.
+ There are no comments
Add yours