US government data breach linked to Atlassian bug

3 months ago AndyC

A US government data breach disclosed earlier this year was tied to a bug in enterprise software maker Atlassian’s Confluence suite of collaboration tools, an IT contractor said.

US government data breach linked to Atlassian bug

A US government data breach disclosed earlier this year was tied to a bug in enterprise software maker Atlassian’s Confluence suite of collaboration tools, an IT contractor said.




US government data breach linked to Atlassian bug










CGI Federal, an IT contractor and unit of CGI, said in a statement that it was working “with authorities and clients to identify and disclose any data affected by the Confluence exploitation,” which was made public back in October.

Reuters has been unable to determine the size and scope of the breach.

On Monday, the US Government Accountability Office told Reuters that 6000 current and former GAO employees had been victims of a data breach by an unnamed “threat actor” in connection with the hack.

Whether any other government agencies have been affected has not been publicly disclosed.

Atlassian did not immediately respond to a request for comment.

The US cyber watchdog agency, the Cybersecurity and Infrastructure Security Agency, did not immediately return an email.



About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

<div>Trustwave report highlights public sector's cyber vulnerabilities</div>

Trustwave report highlights public sector’s cyber vulnerabilities

9 hours ago AndyC
Gigamon celebrates partner excellence at ANZ awards ceremony

Gigamon celebrates partner excellence at ANZ awards ceremony

9 hours ago AndyC
Cyber Expert Says Budget Investment a Matter of National Importance

Cyber Expert Says Budget Investment a Matter of National Importance

12 hours ago AndyC
AUSCERT Says Budget Funding Will Help Bolster Cyber Resilience

AUSCERT Says Budget Funding Will Help Bolster Cyber Resilience

12 hours ago AndyC
Tech Council says Budget Investment in Tech Sector is Vital to Australia’s Future

Tech Council says Budget Investment in Tech Sector is Vital to Australia’s Future

12 hours ago AndyC
State of Security 2024 - Data Security

State of Security 2024 – Data Security

12 hours ago AndyC

You may have missed

Achieving CIOs’ top investment priorities requires filling the tech skills gap

Achieving CIOs’ top investment priorities requires filling the tech skills gap

7 mins ago AndyC
Canadian CIOs discuss driving a successful hybrid cloud roadmap

Canadian CIOs discuss driving a successful hybrid cloud roadmap

7 mins ago AndyC
AI for Cybersecurity: Superhero or Sidekick?

AI for Cybersecurity: Superhero or Sidekick?

7 mins ago AndyC
Mitigate risk and gain efficiency with event-driven automation

Mitigate risk and gain efficiency with event-driven automation

8 mins ago AndyC
In the corner office, fear of GenAI risk outweighs the lure of its promise

In the corner office, fear of GenAI risk outweighs the lure of its promise

8 mins ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.