Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

Atlassian: Leaked Data Stolen via Third-Party App

Ed. note: This story has been updated to include a statement from Envoy provided to Dark Reading about the incident.

A threat group called SiegedSec recently posted a cache of employee and operations information allegedly stolen from software workforce collaboration tool provider Atlassian.

Now Atlassian, best known for its Trello, Jira, and Confluence brands, is reassuring its customers their data is secure, and according to reports, explained that a third-party app was breached, compromising employee data including names, emails, departments, and floor plans of segments of Atlassian offices located in San Francisco, Calif., and Sydney, Australia.

“Both Envoy and Atlassian security teams have been collaborating to identify the source of the data compromise,” an Envoy spokesperson tells Dark Reading. “We found evidence in the logs of requests that confirms the hackers obtained valid user credentials from an Atlassian employee account and used that access to download the affected data from Envoy’s app. We can confirm Envoy’s systems were not compromised or breached and no other customer’s data was accessed.”

The company statement added that there is an ongoing investigation into the breach.

Envoy says the breach likely occurred due to the threat actor gaining access to employee credentials.

“We’re investigating this right now and are not aware of any compromise to our systems,” an Envoy spokesperson said in a statement emailed provided to Dark Reading. “Our initial research shows that a hacker gained access to an Atlassian employee’s valid credentials to pivot and access the Atlassian employee directory and office floor plans held within Envoy’s app.”

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.


Related News

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

The primary targets of this phishing campaign are located in the Ukrainian regions of Crimea, Donetsk, and Lugansk, which were…
CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md., March 24, 2023 /PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…