https://cyberscoop.com/atlassian-hack-employee-data-seigedsec/ Skip to main content Advertisement * FedScoop * DefenseScoop * CyberScoop * StateScoop * EdScoop * WorkScoop Advertise Search Close Search for: [ ] Search CyberScoop Open navigation * Topics Back + Cybercrime + Commentary + Financial + Government + Policy + Privacy + Technology + Threats + Research + Workforce * Special Reports * Events * Podcasts * Videos * Insights * Subscribe to Newsletters * Advertise * Ukraine Switch Site * FedScoop * DefenseScoop * CyberScoop * StateScoop * EdScoop * WorkScoop Subscribe Advertisement Subscribe to our daily newsletter. Subscribe Close * Cybercrime After apparent hack, data from Australian tech giant Atlassian dumped online A hacking crew called SiegedSec posted data on what appears to be thousands of employees and floor plans for two of the company's offices. By AJ Vicens February 16, 2023 [GettyImages-1419722385] Scott Farquhar, Atlassian co-founder and co-CEO at the Australian Parliament House on Sept. 1, 2022. (Photo by Martin Ollman/Getty Images) A little known hacking crew called SiegedSec posted data on what appears to be thousands of Atlassian employees and floor plans for two of the Australian software vendor's offices. The employee file posted online Wednesday contains more than 13,200 entries and a cursory review of the file appears to show multiple current employees' data, including names, email addresses, work departments and other information. The floor plans are for one floor of the company's San Francisco office and another for its Sydney, Australia, office. "THATS RIGHT FOLKS, SiegedSec is here to announce we have hacked the software company Atlassian," a message posted with the files says. "This company worth $44billion has been pwned by the furry hackers uwu." An Atlassian representative initially told CyberScoop in an email on Thursday that on Feb. 15 the company learned that data from Envoy, a third-party app Atlassian uses to coordinate in-office resources, was published online, but that "Atlassian product and customer data" was "not at risk." The company later told TechCrunch that its internal review revealed that the data was accessed from the Envoy app "using an Atlassian employee's credentials that had been mistakenly posted in a public repository by the employee." Advertisement A spokesperson for Envoy told CyberScoop the company's systems were not compromised or breached. The person said that the two companies have been collaborating to identify the source of the data compromise. "We found evidence in the logs of requests that confirms that hackers obtained valid user credentials from an Atlassian employee account and used that access to download the affected data from Envoy's app. We can confirm Envoy's systems were not compromised or breached and no other customer's data was accessed." An Australian company currently valued at roughly $46 billion, Atlassian makes software for project management and collaboration such as Trello, Jira and Confluence. The company, which has offices around the world, earned $2.8 billion in revenue in fiscal year 2022 and had more than 242,000 customers as of August 2022, the company reported at the time. The statement also said the company had 8,813 employees. On June 2, 2022, the company disclosed a critical vulnerability in the Confluence Server and Data Center software that allowed attackers to execute arbitrary code on victims' machines. The next day the company issued a fix for the problem that had been used by "multiple threat groups and individual actors," Steven Adair, president of incident response firm Volexity, tweeted at the time. SiegedSec, which launched a Telegram channel in April 2022, made headlines in in June 2022 after claiming to have hacked "internal documents and files retrieved from Kentucky's and Arkansas' government server," The Record reported at the time. The hack came in response to abortion bans amid a wave of hacktivist activity in the wake of the Dobbs v. Jackson Supreme Court ruling that reversed Roe v. Wade. Updated Feb. 17, 2023: This story has been updated to include a statement from Envoy and an updated statement from Atlassian. In This Story * Atlassian * data breaches * SeigedSec Share * Facebook * LinkedIn * Twitter * Copy Link Advertisement Advertisement More Like This 1. Scammers target Cloudflare CEO with Silicon Valley Bank-themed spearphishing By Elias Groll 2. Police shut down cryptocurrency mixer linked to laundering more than $3 billion in criminal funds By Tonya Riley 3. Cancer patient sues medical provider after ransomware group posts her photos online By AJ Vicens Advertisement Top Stories 1. The US cybersecurity strategy won't address today's threats with regulation alone By Jason Oxman 2. North Korean hackers used polished LinkedIn profiles to target security researchers By AJ Vicens 3. Biden's budget seeks increase in cybersecurity spending By Christian Vasquez 4. Microsoft: Russian hackers may be readying new wave of destructive attacks By AJ Vicens Advertisement More Scoops [GettyImages-1241283056] Pro life protestors march in front of the Supreme Court building amid the ruling that could overturn Roe v. Wade on June 13. (Photo by ROBERTO SCHMIDT/AFP via Getty Images) Hackers leak huge cache of data from evangelical organization that supported Dobbs decision The hack is meant to expose donors to evangelical Christian groups opposed to LGBTQ and abortion rights, a message read. Latest Podcasts [Screen-Shot-2022-10-27-at-12] Leidos' Paul Butterfloss on best ROI for cyber technology [Screen-Shot-2022-10-27-at-11] Trellix's Tom Gann on helping government deliver better citizen services [Screen-Shot-2022-10-27-at-11] Google's Dan Prieto on the government's "dramatic strides" in reorienting cyber strategy [Screenshot-2023-03-06-at-2] Leidos' Jesse Peoples says the demand for resilient cyber is greater now than ever Technology * Powerful Meta large language model widely available online * Reality check: Is ChatGPT really the next big cybersecurity threat? * Inside TikTok's proposal to address US national security concerns * Supreme Court clears way for WhatsApp case against NSO Group, opening spyware firm to more lawsuits Government * FCC rules aims to curb scourge of robotexts assaulting Americans' phones * CISA tests ransomware alert system to safeguard vulnerable organizations * DC health exchange breach affects former national security official, Congress * US intel: Chinese influence operations are growing more aggressive, more similar to Russia's Threats * CISA: Federal civilian agency hacked by nation-state and criminal hacking groups * Hacker posts more D.C. Health Link data online, exposing lawmakers' personal information * Iran-linked hackers used fake Atlantic Council-affiliated persona to target human rights researchers * Israel blames prolific Iranian-linked hacking group for February university hack Policy * Rural hospitals need help from feds to fight ransomware, witnesses tell lawmakers * Presidential advisory council recommends cyber mandates for critical infrastructure * TSA issues aviation regulations for airlines, airports facing 'persistent cybersecurity threat' * Bipartisan Senate proposal sets stage for banning TikTok, other foreign tech Advertisement Scoop News Group About Us * FedScoop * DefenseScoop * StateScoop * EdScoop * CyberScoop * WorkScoop * Newsletters * Advertise with us * Ad specs * (202) 887-8001 * hello@cyberscoop.com * FB * TW * LinkedIn * IG CyberScoop Close Ad Continue to CyberScoop