>We are contacting you to inform you of an ongoing security incident affecting CircleCI customers, as a result of the compromise of our database (http://security.mongohq.com/notice).
Seems like a 'security incident' is code for 'hacked'.
I think I agree with you, however there is a big difference between having your service stopped as a precaution and having data lost/accessed by a 3rd party.
From that line it does seem more likely that they might be one of MongoHQ's clients who MongoHQ noticed had had their data accessed as part of the bigger breach.
In that context, saying they have been hacked is probably fair. Would love more details.
Seems like a 'security incident' is code for 'hacked'.