CGI Federal points finger at Atlassian bug for US government data breach
Atlassian software exploit from October 2023 is apparently responsible for the breach
A bug in the Atlassian collaboration platform is to blame for this week's US government data breach, affected IT contractor CGI Federal has said.
The incident saw the Government Accountability Office (GAO) reveal over 6,000 current and former employees had been affected as a result of the breach.
It has not been confirmed if the breach affected any other government agencies, so the full extent of the damage is yet to be determined.
Blame it on the buggy
As reported earlier this week, CGI Federal disclosed that it had suffered a data breach at some point during January 2023.
The CGI Federal website states its federal clients, “include nearly every cabinet-level federal agency, military branch, and other federal entities.” A CGI representative recently stated that the company provides its services to “100 participating agencies” while testifying in front of Congress.
In a statement released by CGI Federal, the company said that it was "with authorities and clients to identify and disclose any data affected by the Confluence exploitation." According to the Cybersecurity & Infrastructure Security Agency (CISA), the Atlassian Confluence exploit was discovered in October under the vulnerability ID CVE-2023-22515.
In the statement by CISA on the Network Initial Access exploit, the organization stated that they “strongly encourage network administrators to immediately apply the upgrades provided by Atlassian. CISA, FBI, and MS-ISAC also encourage organizations to hunt for malicious activity on their networks using the detection signatures and indicators of compromise (IOCs) in this CSA.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.