Getty Pictures
Atlassian has verified a details breach involving employee details, briefly prompting a back again-and-forth blame activity concerning it and a third-party app company.
A hacker team recognized as ‘SiegedSec’ claimed obligation for an attack on Atlassian on Wednesday in a article by using Telegram. The group claimed to have accessed staff data and facts on workplace floor plans at web pages in San Francisco and Sydney.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
Worker knowledge, like names, email addresses, phone quantities, and additional miscellaneous data was exposed in the breach, according to SiegedSec.
“SiegedSec is right here to announce we have hacked the software package organization Atlassian,” the team stated in a Telegram assertion.
“We are leaking hundreds of personnel records, as well as a several constructing floorplans. These staff records incorporate email addresses, phone figures, names, and heaps much more.”
Conflicting reports
In a statement yesterday, Atlassian verified a knowledge breach experienced occurred but to begin with suggested that information from Envoy, which presents office environment visitor administration equipment, was compromised and published.
“On February 15 2023, we uncovered that information from Envoy, a third-party app that Atlassian works by using to coordinate in-place of work methods, was compromised and published,” the enterprise explained at the time.
“Atlassian product or service and buyer details is not accessible by way of the Envoy application and for that reason not at risk. The security of Atlassians is our priority, and we worked promptly to boost actual physical security throughout our offices globally.”
However, in a statement supplied to IT Pro, Envoy explained that a preliminary investigation exposed that the hack appeared to be the result of attackers stealing person credentials from an Atlassian employee, which then enabled them to extract facts from the application.
“We found evidence in the logs of requests that confirms the hackers acquired legitimate user qualifications from an Atlassian staff account and made use of that access to down load the affected details from Envoy’s app,” the corporation mentioned.
“We can validate Envoy’s systems ended up not compromised or breach and no other customer’s information was accessed.”
The business included that security teams at both Envoy and Atlassian were being “collaborating to detect the supply of the details compromise”.
This seems to have prompted a U-turn at Atlassian, which has because issued a assertion clarifying the scenario. The company now suggests it does not believe the incident was prompted by a breach of Envoy’s devices.
“Our security crew is cautiously exploring all attainable avenues to realize how the risk actor obtained obtain and functioning closely with Envoy to do so,” Atlassian claimed.
“While we do not would like to speculate, for the sake of clarification, we are aligned with Envoy in the belief that our app data was not compromised owing to a breach of their techniques.”
Who are SiegedSec?
SiegedSec seems to be a rather smaller cybercrime team which emerged on the scene in early 2022.
Insights from DarkOwl, a darknet details supplier, advise that the team emerged just times prior to the Russian invasion of Ukraine in February 2022. The team is allegedly led by a “renowned hacktivist” who sues the moniker, YourAnonWolf.
The group has because long gone on to effectively goal a amount of organisations. In June 2022, the business claimed to have stolen delicate internal files from governing administration servers in the US states of Kentucky and Arkansas.
The attack was assumed to have been in reprisal for the US Supreme Court’s decision to reverse Roe v. Wade.
Some areas of this post are sourced from:
www.itpro.co.uk