Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How really private is Confluence? Suspicious access.

Patrick Joalland March 6, 2022

I found out today that a person named Neha Ghuraiya has Admin rights on one of my Confluence Space.

Find attached a screenshot of the space permissions.

Screenshot 2022-03-06 at 08-11-08 View Space Permissions - Administration - Confluence.png

I do not know this person. After a quick search, it seems to be an Atlassian engineer (her LinkedIn profil here).

I am seriously worried that anyone from Atlassian could get into my Confluence content, showing at serious lake of respect of privacy.

It is not the first time I see this. Few weeks ago I saw the same thing in another of my Confluence Space. At that time I just fixed the permissions, and took no screenshot neither did I report it. But I think this was the same person.

I did not yet go through all my Confluence Spaces to see if other Spaces are "infected". I only checked few.

This bring me to a serious question: how private is the content of Confluence?...



Log in or Sign up to comment
Andy Gladstone
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 6, 2022

@Patrick Joalland are you sure that none of the other admins on the site have not recently opened support requests with Atlassian that would require an Atlassian engineer to gain access to your site? It is a common request from Atlassian when opening a support request to be granted access to the site/instance so they can troubleshoot.

Patrick Joalland March 6, 2022

Hi Andy,

Thank you for the suggestion.

But I am the only administrator of this Confluence instance. If I had given access to a IT support person, I would remember and would have removed it straight after. I do not have any logs of such a request...

And if someone did asked access for a support, how come that the permission has not been removed when support has been closed...?

Patrick Joalland March 6, 2022

Ok, I went through my support tickets, you are right Andy. My fault I did not check previously. Neha worked on a support request. Access was granted. Support then said at the end of the support that the access has been removed. Obviously not...

So, the issue is that permission were not removed by Atlassian at the end of the support.

Like Andy Gladstone likes this
Neha Ghuraiya
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 24, 2022

Hi @Patrick Joalland 

I worked on this support Ticket where you were not able to view your space, hence I recovered the permissions to check if you are added to space permissions or not.

when any admin recovers space permission the user will be added to the individual user permission and to revoke permission, an admin needs to remove the user manually from space.

Unfortunately, after suggesting the resolution I missed removing the user from your space but as we have revoked the user permission from your site we do not have any access to your space, as you can see "Neha" is an unlicensed user. 

As per the screenshot you have space admin permission so you should be able to remove this unlicensed user from your space.

I apologize for the inconvenience it has caused. Please let me know if you have any concerns.

Like # people like this
Patrick Joalland August 30, 2022

Hi @Neha Ghuraiya ,

Thank you for your answer. You are right, it was just about a user left after you helped me.

Everything is fine, thank you for the details of your answer.

Like Andy Gladstone likes this
Steve Abrahall March 29, 2022

Just like to say to everyone involved in this (as it is sensitive topic, and security is so darn  important in this day and age) that this conversation was open, constructive and although a sticky topic  - people owned their actions and admitted there mistakes and did the right thing. 

Good quality communication is so important! Hmmm reading this has made my day better!

Again thanks to all involved.


Like Andy Gladstone likes this
AUG Leaders

Atlassian Community Events