Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

CodeCov has been breached. Do you know if Confluence is impacted?

Trevor Luker April 16, 2021

Hi guys - Atlassian is named as a user of the CodeCov tool.

https://therecord.media/codecov-discloses-2-5-month-long-supply-chain-attack/ 

 

Do you know yet if Atlassian's products have been impacted and whether we should be concerned about the integrity or security of data we have online in Confluence or Jira?

 

 

2 answers

1 accepted

4 votes
Answer accepted
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 16, 2021

Codecov is not used as part of the products, but it is used to check coverage on some of their code bases.

So, no, my understanding is that your data is not at risk of exposure, as it's a step away from where the security hole is.  But Atlassian data about us might be.

I think this is one that Atlassian should answer, as they'll know exactly where they might have been clobbered - I've asked them to have a look.

Trevor Luker April 16, 2021

Thanks Nic - I wasn't sure who to contact.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 16, 2021

Frankly, nor am I. 

I have been here a while, so I've picked up some of the names to ask for some problems, but not this one.  I'm sure someone will see us soon (fwiw, my label flag is not the only "escalation"(

1 vote
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 6, 2021

Hi Trevor,

Check out our official response here: Atlassian's Response to the Codecov Breach 

Cheers,
Daniel

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events