MongoDB internal breach exposes customer info

MongoDB internal breach exposes customer info

American software company MongoDB, the developer and maintainer of the document database MongoDB said it is investigating a security incident that saw an unauthorized party gaining access to some of its corporate systems containing customer data.

MongoDB is a document-oriented NoSQL (Not only SQL) database that is used to store large amounts of data.

The exposed information includes “customer names, phone numbers, and email addresses among other customer account metadata, including system logs for one customer.” The company said it notified the impacted client of the incident. MongoDB added that it has no evidence that any other customers’ systems were compromised.

The vendor also stressed that there’s no indication that the intruders accessed MongoDB Atlas clusters.

“To be clear, we have not identified any security vulnerability in any MongoDB product as a result of this incident,” the company said in an alert on its website. “It is important to note that MongoDB Atlas cluster access is authenticated via a separate system from MongoDB corporate systems, and we have found no evidence that the Atlas cluster authentication system has been compromised.”

MongoDB didn't share the details of the breach but said it is working with the relevant authorities and forensic firms to further investigate the incident.

Back to the list

Latest Posts

Apple fixes actively exploited iOS zero-day

Apple fixes actively exploited iOS zero-day

CVE-2025-24200 could allow a malicious actor to disable USB Restricted Mode on a locked device.
11 February 2025
US, UK, Australia sanction Russia-based Zservers over Lockbit ransomware attacks

US, UK, Australia sanction Russia-based Zservers over Lockbit ransomware attacks

Zservers is responsible for providing cybercriminals with servers and other critical infrastructure designed to evade law enforcement detection.
11 February 2025
SIM swapper pleads guilty in SEC social media hack that caused bitcoin price surge

SIM swapper pleads guilty in SEC social media hack that caused bitcoin price surge

Council and his co-conspirators gained access to the SEC’s account through a SIM swap.
11 February 2025