Rafael Sutter
WASHINGTON (Reuters) – A U.S. government data breach discovered earlier this year was linked to a bug in enterprise software maker Atlassian’s (NASDAQ:) Confluence collaboration suite, an IT contractor said on Tuesday.
CGI Federal, an IT contractor and division of CGI Inc, said in a statement that it is working “with authorities and customers to identify and disclose any data affected by the exploitation of Confluence,” which was made public back in October.
Reuters was unable to determine the size and scope of the violation. On Monday, the Government Accountability Office told Reuters that 6,000 current and former GAO employees were victims of a data breach committed by an unnamed “attacker” in connection with the hack. Whether any other government agencies were affected has not been publicly disclosed.
Atlassian did not immediately respond to a request for comment. The U.S. cybersecurity watchdog agency, the Cybersecurity and Infrastructure Security Agency, did not immediately respond to an email.