MongoDB, Inc..

MDB.US | Computer programming activities

MongoDB, Inc. is a software company that develops and provides commercial support for the open-source database MongoDB, a NoSQL database program. The company's primary business involves selling database software subscriptions, professional services, and training related to its database platform. Mon...Show More

Ethical Profile

Mixed.

MongoDB's ethical profile is mixed, with notable activity in tech security. The company faced a phishing attack in December 2023 that exposed customer contact information, and a denial-of-service vulnerability was identified in 2025. However, MongoDB actively manages vulnerabilities through a bug bounty program and a 'security champions' initiative. It is certified to EU-US, UK-US, and Swiss-US Data Privacy Frameworks, complying with GDPR and CCPA, and enforced MFA since January 2021. For most other ethical areas like fair pay, environmental impact, or community respect, reports suggest insufficient public evidence to form a definitive assessment.

Similar Companies

Couchbase Inc Salesforce.com Inc Datadog Inc Progress Software Corporation Oracle Corporation ZoomInfo Technologies Inc.

Value Scores

Better Health for All-20

-100100

Fair Money & Economic Opportunity20

-100100

Fair Pay & Worker Respect0

-100100

Fair Trade & Ethical Sourcing0

-100100

Honest & Fair Business-50

-100100

Kind to Animals0

-100100

No War, No Weapons0

-100100

Planet-Friendly Business0

-100100

Respect for Cultures & Communities0

-100100

Safe & Smart Tech-20

-100100

Zero Waste & Sustainable Products0

-100100

Better Health for All

-20

MongoDB's core database products and AI capabilities are widely adopted in healthcare, with 8 of the top 10 healthcare companies globally using MongoDB.

These technologies enable personalized patient care, accelerate clinical trials (reducing report generation time from 12 weeks to 10 minutes for Novo Nordisk), improve real-time health insights, and support continuous patient monitoring.

The company's products are described as having transformative potential for healthcare decision-making and enabling more affordable custom treatments.

However, an unprotected MongoDB database exposed approximately 2.7 million patient profiles and 8.8 million appointment records, including sensitive personal and billing information.

While MongoDB Atlas holds several security certifications (ISO 9001, TISAX, HDS, TX-RAMP) and MongoDB Cloud is HIPAA-ready, this data exposure incident indicates a significant lapse in data protection.

MongoDB's products are generally health-neutral, but their application in healthcare is overwhelmingly positive, enabling substantial benefits.

Fair Money & Economic Opportunity

20

MongoDB, a software company, provides database solutions that enable open finance data sharing.

Its technology facilitates data portability and customer control through RESTful APIs, JSON/BSON data exchange, and OAuth 2.0 authentication, with MongoDB Atlas serving as an open finance data store.

This aligns with Open Banking standards by offering APIs without explicit access charges, supporting data portability for the end-users of its financial institution clients.

Fair Pay & Worker Respect

0

No evidence available to assess MongoDB, Inc. on Fair Pay & Worker Respect.

Fair Trade & Ethical Sourcing

0

MongoDB, Inc. is a software company primarily selling database software subscriptions and services. Given this business model, the company does not procure or trade physical commodities or source at-risk inputs, which means KPIs related to fair-trade certification share and materials risk index are not applicable. No specific quantitative data or concrete facts were found in the provided articles for other KPIs such as audit frequency, forced/child labor incidents, traceability coverage, remediation speed, ethical clause coverage, or supplier diversity spend.

Honest & Fair Business

-50

MongoDB encourages reporting of misconduct, questionable behavior, or possible violations of law or policy via email to its legal team.

The company is committed to conducting business free from extortion, bribery, and unlawful activity, and requires its suppliers to comply with applicable laws, including the FCPA and UK Bribery Act.

Kind to Animals

0

MongoDB, Inc. is a software company providing database software subscriptions and related services. The provided articles contain no evidence of the company engaging in activities related to animal products, animal testing, animal agriculture, or direct impact on wildlife habitats.

Therefore, all KPIs related to animal welfare, testing, sourcing, and conservation are not applicable to its business model.

No War, No Weapons

0

The provided articles indicate that MongoDB, Inc. is trusted by every branch of the U.S. Department of Defense and a wide range of Intelligence Community partners.

The company is also pursuing Federal Risk and Authorization Management Program (FedRAMP) High and Impact Level 5 (IL5) authorizations for MongoDB Atlas for Government workloads by June 30, 2025.

However, the articles do not provide specific quantitative data, such as the percentage of revenue derived from these defense or intelligence contracts, nor do they detail any policies, investments, or compliance measures related to arms control, dual-use technology, or peacebuilding initiatives. Therefore, no KPIs can be scored based on the available evidence.

Planet-Friendly Business

0

No evidence available to assess MongoDB, Inc. on Planet-Friendly Business.

Respect for Cultures & Communities

0

No evidence available to assess MongoDB, Inc. on Respect for Cultures & Communities.

Safe & Smart Tech

-20

MongoDB experienced a minor data breach in December 2023, caused by a phishing attack on corporate systems, which exposed contact information and account metadata for one customer account.

The company promptly disclosed the incident and implemented remediation measures.

MongoDB has a comprehensive set of privacy and security certifications, including ISO 9001:2015, ISO 27001:2022, ISO 27017:2015, ISO 27018:2019, SOC 2 Type II, PCI DSS v.4, CSA STAR Level 2, HDS, TX-RAMP, FedRAMP Moderate, HIPAA, and self-certifications under the EU-US, UK Extension, and Swiss-US Data Privacy Frameworks.

The company requires mandatory annual security training for all employees, but the completion rate is not specified.

It also operates a 'security champions' program with over 100 participants from 45 locations, launched in February 2021.

MongoDB implements end-to-end encryption and offers Queryable Encryption and Client-Side Field Level Encryption.

It provides users with control over data retrieval, correction, and deletion, and offers optional maintenance windows for software updates.

The company has had a multi-factor authentication (MFA) system in place since January 2021, but the availability of MFA for specific services is not quantified.

MongoDB proactively identified and patched a critical vulnerability (CVE-2025-14847) in December 2025, patching the majority of its Atlas fleet within days.

It also operates a public bug bounty program through HackerOne, covering MongoDB Owned Domains, Atlas Free Tier, and some shipped products, offering monetary rewards for valid reports.

MongoDB maintains compliance with major privacy regulations such as GDPR and CCPA, has a Data Protection Officer, and uses Standard Contractual Clauses for data transfers.

The company assesses 20-35% of its products for privacy impacts. #19

Zero Waste & Sustainable Products

0

No evidence available to assess MongoDB, Inc. on Zero Waste & Sustainable Products.

Own MongoDB, Inc.?

Upload your portfolio and see how all your holdings score across 11 ethical dimensions.

Audit My Portfolio

AI-generated analysis based on publicly available data. Not financial advice. Ratings are expressions of opinion derived from automated models and may contain inaccuracies. See our Risk Disclosure for full details.