Delicious/delimiterau
- Dell chief defends transfer pricing
- Qantas tech exec shifts to Jetstar
- Zurich Australia leads regional thin client push
- Early investors drop Facebook
- Victoria kills HealthSMART IT project
- Woz not great - mUmBRELLA
- Santos' thin client starts big-data plans
- Nokia Lumia 800 revs up at Bridgestone
- Telstra privacy breach was 'one little oops'
- 'Battleground of the future' the focus of new agreement with US
Featured, News - Written by Renai LeMay on Tuesday, April 13, 2010 10:32 - 0 Comments
Atlassian plugs security hole
Australian collaborative software developer Atlassian today warned customers that it had in the past several days plugged a security hole that could have compromised customer passwords.
“Around 9PM US PST Sunday evening, Atlassian detected a security breach on one of our internal systems. The breach potentially exposed passwords for customers who purchased Atlassian products before July 2008,” said the company’s chief executive, Mike Cannon-Brookes (pictured), writing on the company’s corporate blog.
“During July 2008, we migrated our customer database into Atlassian Crowd, our identity management product, and all customer passwords were encrypted. However, the old database table was not taken offline or deleted, and it is this database table that we believe could have been exposed during the breach.”
Atlassian advised customers to change their passwords if they had an account with the software developer before July 2008, although software as a service or hosted customers, or those running Atlassian products behind their firewall were not affected. No credit card or payment details were exposed.
Cannon-Brookes apologised to customers, saying the old customer database should have been deleted as it had passwords stored in plain text. “There’s no logical explanation for why it wasn’t, other than as we moved off one project, and on to the next one, we dropped the ball and screwed up,” he wrote.
He also noted that as Atlassian had emailed customers about the problem, hundreds of thousands of those affected changed their passwords simultaneously — causing Atlassian’s web servers to crumple. In hindsight, he said, Atlassian should have reset customers’ passwords itself.
“We apologise for the extra consternation this caused — our web servers are back purring along as normal,” he said. Atlassian is researching the security hole and will provide further information once it knows more.
Atlassian is an Australian software company built from the ground up by Cannon-Brookes and co-founder Scott Farquhar over the past eight years. Providing collaborative software — for example, its JIRA bug and issue tracker and its Confluence enterprise wiki software — it has grown to over 220 employees across offices in Sydney, San Francisco and Amsterdam.
Image credit: Atlassian
Related posts:
- DDoS attack knocks Atlassian offline
- Atlassian seeks engineering VP
- Atlassian invests in Dutch SaaS firm
- Growing Atlassian still looking for CTO
- Will Dropbox’s security hole boost Aussie rivals?
| Tweet | |
![]() |
Enterprise IT, Featured, News - May 23, 2012 12:54 - 0 Comments
SAP’s SuccessFactors deploys Aussie datacentre
More In Enterprise IT
- Govt pushes ahead with cloud-sharing approach
- The ABC didn’t sack Bitcoin miner
- Victoria dumps HealthSMART e-health project
- HP completes giant new NSW datacentre
- Microsoft beats Salesforce to utility CRM deal
Analysis, Telecommunications - May 23, 2012 11:08 - 5 Comments
The NBN, service providers and you … what could go wrong?
More In Telecommunications
- NBN here to stay under Coalition, says analyst
- iiNet ramps up Internode digestion
- China concerned by Huawei NBN ban, says Bob Carr
- Parliament knocks back surveillance terms
- Evidence: Rural Australia is demanding the NBN
Gadgets, News - May 21, 2012 12:32 - 5 Comments
Galaxy S III listed for Telstra, Optus and Vodafone
More In Gadgets
- Will Telstra skip Nokia’s Lumia 900?
- New BlackBerry OS 7.1 hits Australia
- ASUS Transformer Pad tablet hits Australia
- HTC One XL on sale: Compatible with Telstra 4G
- Optus a “disgusting” company, says AFL chief
Reviews - May 7, 2012 18:16 - 2 Comments
Telstra Mobile Wi-Fi 4G: Review
More In Reviews
- Samsung Galaxy S III: Preview
- HTC Titan II 4G: Preview
- Nokia Lumia 710: Review
- Sony Xperia S: Review
- Samsung Omnia W: Review









sponsored post ING Direct recently implemented a private cloud solution to virtualise its entire banking platform, allowing it to provision a new copy of itself -- a so-called 'bank in a box' -- within minutes. 
Leave a Comment