Cyber Incident Victim: Atlassian

In February 2015, Atlassian disclosed a security breach affecting its HipChat group messaging service. Attackers accessed names, usernames, email addresses, and encrypted passwords for a subset of users, with the company estimating less than 2% of its customer base was impacted. The intrusion did not compromise payment information according to Atlassian's investigation. Craig Davies, Atlassian's security lead, confirmed the stolen passwords underwent one-way encryption using hashing and salting techniques, making them computationally difficult to reverse-engineer. While the exact intrusion method wasn't detailed, the breach necessitated immediate containment measures. Atlassian emphasized the relatively limited scope of affected accounts while acknowledging the seriousness of the credential exposure.

The company initiated a precautionary password reset for all compromised HipChat accounts and any linked Atlassian services sharing the same email addresses. This action aimed to mitigate potential misuse of the stolen password hashes, even though their encrypted state provided substantial protection against straightforward decryption. Atlassian noted that cracking such passwords would require significant computational resources, particularly for complex credentials. However, the breach exposed users to secondary risks, as attackers possessed sufficient personal data to launch targeted phishing campaigns against affected individuals. The incident underscored the importance of password strength, though Atlassian refrained from speculating about potential future attacker actions beyond confirming the immediate containment steps taken. No evidence emerged suggesting further unauthorized access to systems beyond the initially reported data categories.