cyber Vulnerability

Atlassian

Nov 19, 2023 1 min read
Atlassian

Atlassian revealed that unidentified hackers gained access to a vast quantity of data from its group chat service HipChat by breaking into a cloud server owned by the business.

Although Atlassian did not disclose the identity of the prominent third-party software library that was utilised by its HipChat.com service, the business claims that attackers took advantage of a weakness in the library.

The business issued instructions on how to reset passwords to all users whose accounts were connected to HipChat and, as a precaution, invalidated the passwords on those accounts.

The organisation claims that although hashed passwords, email addresses, and names were accessible to hackers, no financial information was revealed.

Source: https://securityaffairs.com/58388/data-breach/hipchat-hacked.html

TPRM report: https://scoringcyber.rankiteo.com/company/atlassian

"id": "atl116201123",
"linkid": "atlassian",
"type": "Data Leak",
"date": "04/2017",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Software Development',
                        'name': 'Atlassian',
                        'type': 'Corporation'}],
 'attack_vector': 'Exploitation of Vulnerability',
 'data_breach': {'type_of_data_compromised': ['Hashed passwords',
                                              'Email addresses',
                                              'Names']},
 'description': 'Unidentified hackers gained access to a vast quantity of data '
                "from Atlassian's HipChat service by exploiting a "
                'vulnerability in a third-party software library used by the '
                'service.',
 'impact': {'data_compromised': ['Hashed passwords',
                                 'Email addresses',
                                 'Names'],
            'systems_affected': 'HipChat.com service'},
 'initial_access_broker': {'entry_point': 'Vulnerability in third-party '
                                          'software library'},
 'response': {'communication_strategy': ['Notified users to reset passwords'],
              'containment_measures': ['Invalidated passwords on affected '
                                       'accounts'],
              'remediation_measures': ['Issued instructions on how to reset '
                                       'passwords to all users']},
 'threat_actor': 'Unidentified hackers',
 'title': 'Atlassian HipChat Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Third-party software library vulnerability'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.