https://www.bleepingcomputer.com/news/security/atlassian-says-recent-data-leak-stems-from-third-party-vendor-hack/ BleepingComputer.com logo * * * * [ ] [Login] [Sign up] * * * * [ ] [Login] [Sign up] * News + Featured + Latest + Hyundai, Kia patch bug allowing car thefts with a USB cable Hyundai, Kia patch bug allowing car thefts with a USB cable + Apple fixes new WebKit zero-day exploited to hack iPhones, Macs Apple fixes new WebKit zero-day exploited to hack iPhones, Macs + Hackers start using Havoc post-exploitation framework in attacks Hackers start using Havoc post-exploitation framework in attacks + City of Oakland declares state of emergency after ransomware attack City of Oakland declares state of emergency after ransomware attack + New Mirai malware variant infects Linux devices to build DDoS botnet New Mirai malware variant infects Linux devices to build DDoS botnet + Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack + Scandinavian Airlines says cyberattack caused passenger data leak Scandinavian Airlines says cyberattack caused passenger data leak + CISA warns of Windows and iOS bugs exploited as zero-days CISA warns of Windows and iOS bugs exploited as zero-days * Downloads + Latest + Most Downloaded + Qualys BrowserCheck Qualys BrowserCheck + STOPDecrypter STOPDecrypter + AuroraDecrypter AuroraDecrypter + FilesLockerDecrypter FilesLockerDecrypter + AdwCleaner AdwCleaner + ComboFix ComboFix + RKill RKill + Junkware Removal Tool Junkware Removal Tool * Virus Removal Guides + Latest + Most Viewed + Ransomware + Remove the Theonlinesearch.com Search Redirect Remove the Theonlinesearch.com Search Redirect + Remove the Smartwebfinder.com Search Redirect Remove the Smartwebfinder.com Search Redirect + How to remove the PBlock+ adware browser extension How to remove the PBlock+ adware browser extension + Remove the Toksearches.xyz Search Redirect Remove the Toksearches.xyz Search Redirect + Remove Security Tool and SecurityTool (Uninstall Guide) Remove Security Tool and SecurityTool (Uninstall Guide) + How to remove Antivirus 2009 (Uninstall Instructions) How to remove Antivirus 2009 (Uninstall Instructions) + How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo + How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller + Locky Ransomware Information, Help Guide, and FAQ Locky Ransomware Information, Help Guide, and FAQ + CryptoLocker Ransomware Information Guide and FAQ CryptoLocker Ransomware Information Guide and FAQ + CryptorBit and HowDecrypt Information Guide and FAQ CryptorBit and HowDecrypt Information Guide and FAQ + CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ * Tutorials + Latest + Popular + How to open a Windows 11 Command Prompt as Administrator How to open a Windows 11 Command Prompt as Administrator + How to make the Start menu full screen in Windows 10 How to make the Start menu full screen in Windows 10 + How to install the Microsoft Visual C++ 2015 Runtime How to install the Microsoft Visual C++ 2015 Runtime + How to open an elevated PowerShell Admin prompt in Windows 10 How to open an elevated PowerShell Admin prompt in Windows 10 + How to start Windows in Safe Mode How to start Windows in Safe Mode + How to remove a Trojan, Virus, Worm, or other Malware How to remove a Trojan, Virus, Worm, or other Malware + How to show hidden files in Windows 7 How to show hidden files in Windows 7 + How to see hidden files in Windows How to see hidden files in Windows * Deals + Categories + eLearning eLearning + IT Certification Courses IT Certification Courses + Gear & Gadgets Gear + Gadgets + Security Security * Forums * More + Startup Database + Uninstall Database + Glossary + Chat on Discord + Send us a Tip! + Welcome Guide * Home * News * Security * Atlassian says recent data leak stems from third-party vendor hack * * Atlassian says recent data leak stems from third-party vendor hack By Lawrence Abrams * February 16, 2023 * 12:41 PM * 0 Atlassian Atlassian has confirmed that a breach at a third-party vendor caused a recent leak of company data and that their network and customer information is secure. As first reported by Cyberscoop, a hacking group known as SiegedSec leaked data on Telegram yesterday, claiming to be stolen from Atlassian, a collaboration software company based out of Australia. "We are leaking thousands of employee records as well as a few building floorplans. These employee records contain email addresses, phone numbers, names, and lots more~!," said the SiegedSec hackers. SiegedSec post on TelegramSiegedSec post on Telegram Source: BleepingComputer Soon after the leak, Check Point Software told BleepingComputer that they analyzed the leaked data and that it contained two floor maps for the Sydney and San Francisco offices and a JSON file containing information about employees. "From the initial analysis, we suspect the group did not hack to Atlassian directly but into a 3rd party provider named https:// envoy.com/," Check Point Software told BleepingComputer. Today, Atlassian confirmed to BleepingComputer that the data breach was caused by a breach of their third-party vendor Envoy which they use for in-office functions. "On February 15, 2023 we learned that data from Envoy, a third-party app that Atlassian uses to coordinate in-office resources, was compromised and published. Atlassian product and customer data is not accessible via the Envoy app and therefore not at risk," Atlassian told BleepingComputer. "The safety of Atlassians is our priority, and we worked quickly to enhance physical security across our offices globally. We are actively investigating this incident and will continue to provide updates to employees as we learn more." However, Envoy says that they are not aware of a breach on their side and believes that an Atlassian employee's credentials were stolen, allowing the threat actor access to the data inside the Envoy app. "We're investigating this right now and are not aware of any compromise to our systems. Our initial research shows that a hacker gained access to an Atlassian employee's valid credentials to pivot and access the Atlassian employee directory and office floor plans held within Envoy's app," Envoy told BleepingComputer. "Envoy, like Atlassian, takes the security and privacy of our customers' data incredibly seriously and has stringent measures in place to protect it." Update 2/16/23 4:35 PM ET: Added Envoy statement Related Articles: JD Sports says hackers stole data of 10 million customers GoTo says hackers stole customers' backups and encryption key Restaurant CRM platform 'SevenRooms' confirms breach after data for sale Nissan North America data breach caused by vendor-exposed database Ransomware gang cloned victim's website to leak stolen data * Atlassian * Data Breach * Data Leak * SiegedSec * * * * * Lawrence Abrams Lawrence Abrams is the owner and Editor in Chief of BleepingComputer.com. Lawrence's area of expertise includes Windows, malware removal, and computer forensics. Lawrence Abrams is a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and the technical editor for Rootkits for Dummies. * Previous Article * Next Article Post a Comment Community Rules You need to login in order to post a comment [Login] Not a member yet? Register Now You may also like: [INS::INS] Popular Stories * Patch Tuesday Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws * Windows Server Microsoft: February updates break some Windows Server 2022 VMs Follow us: * * * * * Main Sections * News * Downloads * Virus Removal Guides * Tutorials * Startup Database * Uninstall Database * Glossary Community * Forums * Forum Rules * Chat Useful Resources * Welcome Guide * Sitemap Company * About BleepingComputer * Contact Us * Send us a Tip! * Advertising * Write for BleepingComputer * Social & Feeds * Changelog Terms of Use - Privacy Policy - Ethics Statement Copyright @ 2003 - 2023 Bleeping Computer^(r) LLC - All Rights Reserved Login Username [ ] Password [ ] [*] Remember Me [ ] Sign in anonymously [Login] Sign in with Twitter button Sign in with Twitter --------------------------------------------------------------------- Not a member yet? Register Now Reporter Help us understand the problem. What is going on with this comment? * ( )Spam * ( )Abusive or Harmful * ( )Inappropriate content * ( )Strong language * ( )Other [ ] * [ ] Read our posting guidelinese to learn what content is prohibited. Submitting... SUBMIT