Database hosting service MongoHQ suffered a considerable security breach on Monday, in which users' e-mail addresses, hashed password data, and other account information was exposed to hackers.
"We detected unauthorized access to an internal support application using a password that was shared with a compromised personal account," MongoHQ co-founder Jason McCay wrote in a blog post. "In handling security incidents, MongoHQ's priorities are to halt the attack, eliminate the control failures that allowed the attack to occur, and to report the incident candidly and accurately to our customers."
"As a precaution, we took additional steps on behalf of our customers to invalidate the Amazon Web Services credentials we were storing for you," McCay wrote. "We have done the work to ensure the security of your data. We have taken further steps to test and validate this work by bringing on a third-party security firm for testing of this effort."
It's unclear how many users were affected in the breach. McCay said that MongoHQ will continue to update its Web site with any new information on the hack, along with recommendations for users to protect their data.