Atlassian breached, company’s confidential and employee data leaked

A hacker group known as SiegedSec, which is relatively unknown, published information on what looks to be thousands of Atlassian workers as well as floor plans for two of the Australian software vendor’s locations.

Last year, SiegedSec gained news when it claimed to have stolen confidential information from the governments of Kentucky and Arkansas in retaliation for those states’ decision to outlaw abortions in the wake of the Supreme Court ruling that overturned Roe v. Wade.

More than 13,200 items were found in the employee file that was uploaded to the internet on Wednesday. A brief examination of the file revealed what seemed to be the personal data of several active workers, including their names, email addresses, work departments, and other information. The floor plans are for one floor of the company’s office located in San Francisco, and another level of the company’s office located in Sydney, Australia.

The Australian software company Atlassian and the startup Envoy, which offers services related to workplace management, were at loggerheads on Thursday over a data breach that exposed the information of thousands of Atlassian workers. Envoy is a provider of workplace management services.

Envoy is an app that assists businesses in organizing office spaces, and according to a spokesman for Atlassian, the company only found out about the hack on Wednesday. Envoy was compromised, and Atlassian just found out about it on Wednesday.

A spokeswoman for the company said that customer and product data are not available through the app; nonetheless, it seems that the information that was taken includes personnel records, building floor plans, and other data.

Officials from both Atlassian and Envoy have verified that the security incident was limited to one employee account on Envoy belonging to an Atlassian employee and did not touch any of the companies’ other systems.

According to their preliminary investigations, a hacker was able to obtain access to the legitimate credentials of an Atlassian employee such that they could pivot and access the Atlassian personnel directory and office floor plans that were stored inside Envoy’s app.

SiegedSec teased Atlassian with a number of messages having to do with Valentine’s Day that were tied to the stolen documents.

After conducting an investigation into the papers, researchers from Check Point discovered two floor plans for the Atlassian office in San Francisco in addition to a JSON file that had approximately 14,000 entries including names, phone numbers, emails, and other information.