A bug in the Atlassian collaboration platform is to blame for this week's US government data breach, affected IT contractor CGI Federal has said.
The incident saw the Government Accountability Office (GAO) reveal over 6,000 current and former employees had been affected as a result of the breach.
It has not been confirmed if the breach affected any other government agencies, so the full extent of the damage is yet to be determined.
Blame it on the buggy
As reported earlier this week, CGI Federal disclosed that it had suffered a data breach at some point during January 2023.
The CGI Federal website states its federal clients, “include nearly every cabinet-level federal agency, military branch, and other federal entities.” A CGI representative recently stated that the company provides its services to “100 participating agencies” while testifying in front of Congress.
In a statement released by CGI Federal, the company said that it was "with authorities and clients to identify and disclose any data affected by the Confluence exploitation." According to the Cybersecurity & Infrastructure Security Agency (CISA), the Atlassian Confluence exploit was discovered in October under the vulnerability ID CVE-2023-22515.
In the statement by CISA on the Network Initial Access exploit, the organization stated that they “strongly encourage network administrators to immediately apply the upgrades provided by Atlassian. CISA, FBI, and MS-ISAC also encourage organizations to hunt for malicious activity on their networks using the detection signatures and indicators of compromise (IOCs) in this CSA.”