Posted 10/30/2013 at 2:07 PM
Posted 4 years ago
MongoHQ has had a security hole-in-the-wall that hackers have come through.
The MongoHQ break in has caused a major hassle for customers, and has also affected the S3 storage accounts. S3 storage accounts can be found on AWS (Amazon Web Services).
Hackers had unauthorized access via a shared password through a personal account. If access tokens had been encrypted this situation could have been avoided. But according to JumpCloud CEO David Campbell, it could have been a lot worse.
MongoHQ used bcrypt, to defend, which slows down frontal assaults by utilizing a very powerful computer technique. The hackers cracked passwords. The hackers were attacking the systems in a direct, simple matter and as LinkedIn’s attack by hackers last year proved, if there is nothing in place to slow them down, the invasions go quite smoothly for the bad guys.