Security firm Atlassian disclosed suffering from a data breach

February 17, 2023
Security Firm Atlassian Cybersecurity Third Party Risk Data Breach Dark Web

Australian security and software company, Atlassian, disclosed that they recently suffered a data breach incident caused by a third-party vendor. A hacking group proved this security incident after posting in a cybercriminal forum that they were leaking thousands of data owned by the company.

As seen from the post of the threat group, which goes by the name SiegedSec, the data leak includes thousands of employee records and floorplans. The employee records were stored in a JSON file, allegedly comprising email addresses, contact details, and full names, among other sensitive data.

Security researchers assessed the leaked data and found that the floorplans contained floor maps for the company’s offices in Sydney and San Francisco.

 

The hackers hacked a third-party vendor of Atlassian, causing the data breach.

 

Upon an in-depth investigation of the incident, it was revealed that the Atlassian breach stemmed from a hack in the company’s third-party provider ‘Envoy’ (envoy[.]com). The security company utilised this vendor for in-office functions, such as enterprise operations and space management.

In a statement, the security company said that they learned about the third-party vendor being the cause of the breach last February 15. Nonetheless, they assured that their products and customer data are not stored in the Envoy app, indicating that these are safe from hackers.

Furthermore, the company stated to have been closely investigating the incident and will work more to enhance their physical security across all their offices. More updates will be shared as they arise.

Meanwhile, Envoy, the suspected breached third-party vendor, had disproved the claims thrown at them. The company also released a statement explaining they are unaware of any compromise in their systems even upon initial investigations.

Envoy added that the breach could have started from an Atlassian employee’s credentials being hacked, leading to unauthorised access to the security company’s systems and hackers having entry inside the Envoy app.

Envoy’s statement also revealed that their app holds Atlassian’s employee directory and floor plans data, which the hacker claimed to have leaked.

About the author

Leave a Reply