MongoHQ scrambles to address major database hack

After users' hashed passwords, e-mail addresses, and other information is exposed in a security breach, the cloud-based hosting service neutralizes the attack and works to prevent future incidents.

Database hosting service MongoHQ suffered a considerable security breach on Monday, in which users' e-mail addresses, hashed password data, and other account information was exposed to hackers.

"We detected unauthorized access to an internal support application using a password that was shared with a compromised personal account," MongoHQ co-founder Jason McCay wrote in a blog post. "In handling security incidents, MongoHQ's priorities are to halt the attack, eliminate the control failures that allowed the attack to occur, and to report the incident candidly and accurately to our customers."

In an effort to secure its networks, MongoHQ has provided users with information on the incident and how it's working to both neutralize the breach and prevent future attacks. First, it locked out every MongoHQ employee account while it is enabling a credential reset and audit. Second, it disabled its employee-facing support applications while it sets up an enforced two-factor authentication, a system of graduated permissions, and other security measures.

"As a precaution, we took additional steps on behalf of our customers to invalidate the Amazon Web Services credentials we were storing for you," McCay wrote. "We have done the work to ensure the security of your data. We have taken further steps to test and validate this work by bringing on a third-party security firm for testing of this effort."

It's unclear how many users were affected in the breach. McCay said that MongoHQ will continue to update its Web site with any new information on the hack, along with recommendations for users to protect their data.

Tags:
Security
About the author

Dara Kerr, a freelance journalist based in the Bay Area, is fascinated by robots, supercomputers and Internet memes. When not writing about technology and modernity, she likes to travel to far-off countries.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Want affordable gadgets for your student?

Everyday finds that will make students' lives easier: chargers, cables, headphones, and even a bona fide gadget or two!