Major U.S. database management firm MongoDB had some of its corporate systems infiltrated by threat actors, who were able to compromise customer metadata and contact details, reports Hackread.
Immediate action has been taken to respond to the incident, which was first identified on Dec. 13, according to a notification email from MongoDB Chief Information Security Officer Lena Smart, who also urged increased vigilance to phishing and social engineering campaigns, as well as the adoption of anti-phishing multi-factor authentication following the intrusion. "We are still conducting an active investigation and believe that this unauthorized access has been going on for some period of time before discovery. We have also started notifying relevant authorities," said Smart. Significantly increased login attempts that have hindered access to MongoDB Atlas and Support Portal was also reported by the firm, which clarified that there was no correlation between the surge in login attempts and the breach of its systems.