Atlassian has confirmed that its network and client data are secure and that a recent data leak at a third-party vendor was the result of a compromise. Cyberscoop was the first to reveal that a hacker organization by the name of SiegedSec published data on Telegram yesterday that it claimed to have obtained from the Australian company Atlassian, which makes collaboration software.
“We are disclosing a small number of building floorplans together with thousands of employee information. These personnel records include names, phone numbers, email addresses, and a ton more! “claimed the hackers from SiegedSec.
Soon after the leak, Checkpoint software said that they had examined the stolen information and discovered two-floor plans for the Sydney and San Francisco locations as well as a JSON file with employee data.
Third-party App Used By Atlassian Was Hacked
Check Point says, “from the first research, we assume the group did not hack directly into Atlassian but into a 3rd party service named https://envoy.com/.” Today, the data leak was brought on by a hack of Envoy, a vendor they utilize for internal operations.
“We found out on February 15, 2023, that information from Envoy, a third-party application that Atlassian uses to manage resources inside its offices, had been hijacked and leaked. Because the Envoy app does not allow access to Atlassian products or customers, there is no security concern “.
“Our top concern is the protection of Atlassians, therefore we moved promptly to increase physical security in all of our facilities across the world. We are looking into this event right now, and we’ll keep informing the staff as we find out more.”
Envoy asserts that they are not aware of a breach on their end, but they suspect that a threat actor gained access to the Envoy app’s data thanks to the theft of an Atlassian employee’s login information.
“We are now looking into this and have found no evidence of system penetration. Our preliminary investigation reveals that a hacker was able to access the Atlassian employee directory and office floor plans stored within the Envoy app by using a genuine set of credentials belonging to an Atlassian employee “told, Envoy.
Envoy takes data security and privacy seriously, much like Atlassian exceptionally seriously and has tough safeguards in place to secure it, the company claims.
Avoiding Data Breaches in Organizations
- Control who can access your most important info.
Every employee used to have access to all of the files on their computer back in the day. Companies today are discovering the hard way how important it is to restrict access to their most important data. A mailroom employee has no need to see a customer’s financial information, after all. Limiting who is permitted to read specific papers reduces the number of workers who might unintentionally click on a hazardous link. Expect to see all records partitioned off as organizations go into the future so that only those who specifically require access will have it. One of those apparent fixes that businesses probably ought to have implemented sooner rather than later.
- Third-party vendors must comply.
Every firm interacts with a variety of outside vendors. The need to understand who these people are has never been greater. Even permitting visitors onto their property might expose businesses to legal action. What if the person who delivers office supplies was recently released from jail? It’s a thought to ponder. Also, make sure to restrict the kinds of documents that these vendors can access. Although taking such steps can be a bother for the IT department, the alternative could be a data breach that costs millions of dollars.
- Provide security awareness training for employees.
According to recent research, employees are the weakest link in the data security chain. Despite training, workers read suspicious emails with the potential to download malware every day. Employers make the error of assuming that one cybersecurity training session is sufficient. Schedule frequent quarterly or monthly sessions if you’re serious about protecting your crucial data.
- Consistently update software.
Professionals advise routinely updating all operating systems and application software. When patches are available, install them. When programs aren’t constantly patched and updated, your network is exposed. Baseline Security Analyzer, a software from Microsoft, may now be used to check that all programs are patched and current periodically. This is a simple and affordable solution to fortify your network and thwart attacks before they start.
- Create a plan for responding to a cyberattack.
Unexpectedly few businesses have a reliable breach response strategy in place. Either they haven’t considered the possibility that they could need one soon, or they believe they can handle the necessary response. This thinking contains a sizable fallacy. Large corporations in the past took their time disclosing when cybercriminals broke in and stole documents from them. Additionally, they were hesitant to admit how much and what kind of data was stolen.
- Passwords that are challenging to crack
Businesses rarely intervened in the frequency of password changes required of their employees in the past. Recent cyberattacks have altered everything. Security professionals will emphasize the importance of routinely changing all passwords when they visit your organization to train your staff. The majority of people are now aware of how crucial it is to make passwords challenging to crack. We have mastered the use of capital letters, numbers, and special characters when creating passwords, even on our home PCs. Make it as difficult as you can for burglars to enter and steal your belongings.
Conclusion
After a hacker gang released company information, enterprise software firm Atlassian opened an inquiry. On its Telegram channel and hacking forums, the threat actor SiegedSec, whose members have claimed to be hacktivists, declared that it had “hacked the software company Atlassian.” They released 35 Mb worth of material. A file supposedly having the contact details of 13,000 Atlassian employees, including names, email addresses, and phone numbers, and two picture files purportedly carrying floor plans of Atlassian buildings in San Francisco and Sydney are among these.
Although Atlassian is still looking into the incident, it appears that the information was taken from the workplace platform Envoy, which the software behemoth uses to manage internal resources. Because Envoy cannot access product or customer data, Atlassian has stated that there is no security concern. In fact, there are quite a few references to Envoy in the stolen file that appears to contain Atlassian staff details. The employer, though, claimed that it wasn’t actually hacked.
