Hi guys - Atlassian is named as a user of the CodeCov tool.
Do you know yet if Atlassian's products have been impacted and whether we should be concerned about the integrity or security of data we have online in Confluence or Jira?
Codecov is not used as part of the products, but it is used to check coverage on some of their code bases.
So, no, my understanding is that your data is not at risk of exposure, as it's a step away from where the security hole is. But Atlassian data about us might be.
I think this is one that Atlassian should answer, as they'll know exactly where they might have been clobbered - I've asked them to have a look.