Atlassian has confirmed that a breach at a third-party vendor caused a recent leak of company data and that its network and customer information is secure.

As first reported by Cyberscoopa hacking group known as SiegedSec leaked data on Telegram yesterday claiming it was stolen from Atlassian, an Australia-based collaboration software company.

“We are releasing thousands of employee records along with a few floor plans of buildings. These employee records contain email addresses, phone numbers, names, and much more~!” SiegedSec hackers.

Post SiegedSec on Telegram
Post SiegedSec on Telegram
Source: BleepingComputer

Shortly after the leak, Checkpoint Software told BleepingComputer that they analyzed the leaked data and it contained two floor plans for the Sydney and San Francisco offices and a JSON file containing employee information.

“Based on initial analysis, we suspect the group did not hack Atlassian directly, but a third-party vendor named https://envoy.com/,” Check Point Software told BleepingComputer.

Today, Atlassian confirmed to BleepingComputer that the data breach was caused by a breach of their third-party provider Envoy, which they use for internal functions.

“On February 15, 2023, we learned that data from Envoy, a third-party application Atlassian uses to coordinate internal resources, was compromised and released. Atlassian product and customer data is not accessible through the Envoy app and is therefore not at risk. “, Atlassian told BleepingComputer.

“The security of Atlassians is our priority, and we have worked quickly to improve physical security in our offices globally. We are actively investigating this incident and will continue to provide updates to employees as we learn more.

However, Envoy says they are unaware of any breach on their end and believe that an Atlassian employee’s credentials were stolen, allowing the threat actor to access the data inside the Envoy app.

“We are currently investigating this issue and are not aware of any compromises to our systems. Our initial investigations show that a hacker gained access to an Atlassian employee’s valid credentials to pivot and gain access to the Atlassian employee directory and office floor plans contained within the Envoy app,” Envoy told BleepingComputer.

“Envoy, like Atlassian, takes the security and privacy of our customers’ data extremely seriously and has strong measures in place to protect it.”

Update 2/16/23 4:35 PM ET: Added Envoy statement


Source link