Data related to $44 billion software company Atlassian was stolen from a third-party application, the company confirmed on Thursday, after hackers published troves of the information on Telegram.
A spokesperson for Atlassian told The Record that Envoy, an app that helps companies organize office spaces, was compromised and that Atlassian only learned of the breach on Wednesday.
The spokesperson said customer and product data is not accessible via the app, but the information stolen appears to include employee records, building floor plans and more. Envoy did not respond to requests for comment about the breach.
The hack came to light on February 15 when a group calling itself SiegedSec posted on Telegram claiming it hacked the tech giant alongside photographs of the records.
SiegedSec taunted Atlassian with several Valentines Day-themed messages connected to the stolen documents.
“The safety of Atlassians is our priority, and we worked quickly to enhance physical security across our offices globally. We are actively investigating this incident and will continue to provide updates to employees as we learn more,” the Atlassian spokesperson said.
Security researchers from Check Point examined the documents and found two floor maps for Atlassian’s San Francisco office as well as a JSON file with nearly 14,000 records containing names, phone numbers, emails and more.
Check Point confirmed Atlassian’s assessment that the group “did not hack Atlassian directly.”
SiegedSec made headlines last year when it claimed to have stolen internal documents from the state governments of Kentucky and Arkansas in response to their abortion bans following the Supreme Court decision overturning Roe v. Wade.
Representatives for governors of both states told The Record that the information was publicly available and not private.
According to Check Point, the group has been active since April 2022, and researchers “have yet to unveil the agenda or the group origins.”
It is unclear whether Atlassian is the only company whose information was stolen or whether other clients are involved.
The company has dozens of high-profile customers including Slack, Pinterest, the Golden State Warriors, the Salvation Army, Hulu and Lululemon.
Article Link: Atlassian says employee, company info stolen from third-party app - The Record from Recorded Future News