NEWS
MongoHQ, the firm that provides professional support to users of the open-source Mongo database, has reported in a statement that it detected an intrusion on its servers. According to the company, the attackers could have accessed the user accounts database.
MongoDB is a NoSQL database, programmed in C++ and licensed under the GNU AGPL. The database was first published in 2009 and has since been widely used by various enterprises. The latest MongoDB 2.4 release extends NoSQL's linear scalability, incremental growth and ability to add more nodes, and introduces an on-premises version of 10gen’s Mongo monitoring service, a cluster management and monitoring system. MongoHQ sells a database-as-a-platform service for users of MongoDB NoSQL database management system instances.
MongoHQ's operations team detected unauthorized access to an internal support application. The attackers had used credentials from a compromised account. They gained access to account information, lists of databases, email addresses and customer credentials hashed using the bcrypt algorithm.
“On October 28, our operations team detected unauthorized access to an internal, employee-facing support application,” said Jason McCay, MongoHQ’s founder. “We immediately responded to this event, by shutting down our employee support applications and beginning an investigation which quickly isolated the improperly secured account. We have determined that the unauthorized access was enabled by a credential that had been shared with a compromised personal account.”
As a precautionary measure, the Mountain View, Calif.-based company locked down every MongoHQ employee account, including email, network devices, and internal applications. The company is also invalidating the Amazon Web Services credentials that were stored in the database. To assist MongoHQ customers, AWS has created Premium Support cases for all affected accounts.
MongoHQ is now implementing two-factor authentication for its internal applications, limiting access to VPN only, and introducing more granular access control. The company has also contacted third-party security experts to independently verify that these applications are secure before they are returned to service.
“We believe we have exhausted the scope of this compromise and are directly contacting all affected customers,” wrote McCay. “We are continuing to evaluate our audit logs and conducting further investigations with the help of third-party experts.”
In the meantime, the founder said MongoHQ is strengthening its system to encrypt and decrypt data at the application level, which will mitigate possible damage from the same type of intrusion. The company is also taking advice from a security consulting firm, which will perform a thorough penetration test of the entire application stack to provide more layers of security.
One of MongoHQ’s affected customers, Buffer, admitted to a breach earlier this week. The intruder broke into the system and accessed its database, stealing API tokens for Twitter and Facebook and posting spam on its customers’ behalf.