American software company MongoDB, the developer and maintainer of the document database MongoDB said it is investigating a security incident that saw an unauthorized party gaining access to some of its corporate systems containing customer data.
MongoDB is a document-oriented NoSQL (Not only SQL) database that is used to store large amounts of data.
The exposed information includes “customer names, phone numbers, and email addresses among other customer account metadata, including system logs for one customer.” The company said it notified the impacted client of the incident. MongoDB added that it has no evidence that any other customers’ systems were compromised.
The vendor also stressed that there’s no indication that the intruders accessed MongoDB Atlas clusters.
“To be clear, we have not identified any security vulnerability in any MongoDB product as a result of this incident,” the company said in an alert on its website. “It is important to note that MongoDB Atlas cluster access is authenticated via a separate system from MongoDB corporate systems, and we have found no evidence that the Atlas cluster authentication system has been compromised.”
MongoDB didn't share the details of the breach but said it is working with the relevant authorities and forensic firms to further investigate the incident.