Ed. note: This story has been updated to include a statement from Envoy provided to Dark Reading about the incident.
A threat group called SiegedSec recently posted a cache of employee and operations information allegedly stolen from software workforce collaboration tool provider Atlassian.
Now Atlassian, best known for its Trello, Jira, and Confluence brands, is reassuring its customers their data is secure, and according to reports, explained that a third-party app was breached, compromising employee data including names, emails, departments, and floor plans of segments of Atlassian offices located in San Francisco, Calif., and Sydney, Australia.
“On February 15, 2023 we learned that data from Envoy, a third-party app that Atlassian uses to coordinate in-office resources, was compromised and published,” an Atlassian spokesperson told CyberScoop. “Atlassian product and customer data is not accessible via the Envoy app and therefore not at risk.”
The company statement added there is an ongoing investigation into the breach.
Envoy says the breach likely occurred due to the threat actor gaining access to employee credentials.
“We’re investigating this right now and are not aware of any compromise to our systems,” an Envoy spokesperson said in a statement emailed provided to Dark Reading. “Our initial research shows that a hacker gained access to an Atlassian employee’s valid credentials to pivot and access the Atlassian employee directory and office floor plans held within Envoy’s app.”
Source: www.darkreading.com