Update on Atlassian Confluence vulnerability  

As you may have noticed when trying to access DigitalRoute product documentation, InfoZone was offline September 6 and 7. This downtime was caused by a massive and still ongoing hacking attack aimed at exploiting thousands of Atlassian Confluence servers around the world. Attackers found and weaponized a zero-day vulnerability that existed in all versions of the software and allowed them to execute code on any Confluence server that was online at the time.  

We received alerts from our centralized security monitoring solution on September 6, and we immediately activated the incident response protocol. We took the server offline and engaged a certified forensics third-party company that performed an analysis of the compromise.  

Once the threat was neutralized, the InfoZone server was restored from the safe off-site backup, patched up with the latest fix from Atlassian, and verified by the third-party forensic company. InfoZone is now back online. The independent forensics company also confirmed that no other servers or data on DigitalRoute’s network were compromised.  

Is your data safe? We have no evidence of hackers extracting accounts or passwords of Confluence users, modifying InfoZone content, or accessing any confidential information.   

What’s next? Continue using InfoZone as before. Even though no password and account compromise was detected, we would still recommend that all users change their password in order to be extra safe and secure.  

Our customers’ security is our top priority, and we will continue working hard to discover, mitigate, and remove any threats that arise.  

If you have any questions, please contact Igor Andriushchenko, Lead Security Architect & CISO at DigitalRoute: igor.andriushchenko@digitalroute.com