Security News > 2023 > December > MongoDB warns breach of internal systems exposed customer contact info

Infosec in brief MongoDB on Saturday issued an alert warning of "a security incident involving unauthorized access to certain MongoDB corporate systems, which includes exposure of customer account metadata and contact information."

At the time of posting, the NoSQL pioneer advised it was "Not aware of any exposure to the data that customers store in MongoDB Atlas." Atlas is the provider's multi-cloud database-as-a-service offering.

MongoDB nonetheless recommended customers "Be vigilant for social engineering and phishing attacks, activate phishing-resistant multi-factor authentication, and regularly rotate their MongoDB Atlas passwords."

Patients at Seattle's Fred Hutchinson Cancer Center have begun receiving ransom letters demanding $50 to keep data exposed in a November security breach from being sold on the dark web.

Hutchinson's page addressing the breach doesn't indicate what data was compromised, but the ransom notes sent to patients indicate names, social security numbers, addresses, phone numbers, medical history, lab results and insurance information were stolen.

Delta said it didn't spot the breach until July, and said that, along with the aforementioned financial information, drivers license numbers, social security numbers, addresses, health insurance info and health information was also lifted.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/18/infosec_in_brief/