🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

IT contractor CGI Federal says US government data breach was tied to Atlassian bug

Reuters · 1y ago

IT contractor CGI Federal says US government data breach was tied to Atlassian bug

A U.S. government data breach earlier this year is linked to a bug in Atlassian's Confluence collaboration software, according to IT contractor CGI Federal. The breach, which was made public in October, is currently being investigated to determine the extent of the data affected. Reports suggest that 6,000 current and former Government Accountability Office employees were victims of the breach, and it is unclear if other government agencies were affected. Atlassian and the U.S. cybersecurity agency have not yet commented on the matter.

Related News

CGI Federal points finger at Atlassian bug for US government data breach

Techradar

Techradar · 1y ago

CGI Federal points finger at Atlassian bug for US government data breach

A bug in the Atlassian collaboration platform has been blamed for a recent data breach that affected CGI Federal, an IT contractor for the US government. Over 6,000 current and former employees were impacted by the breach, and it is unclear if other government agencies were affected. CGI Federal is working with authorities and clients to identify the data affected by the Confluence exploit, with the vulnerability discovered in October 2023. The Cybersecurity & Infrastructure Security Agency (CISA) recommends immediate application of upgrades provided by Atlassian to mitigate the exploit.

US agency says it was alerted to breach by contractor CGI Federal

Economic Times

Economic Times · 1y ago

US agency says it was alerted to breach by contractor CGI Federal

IT contractor CGI Federal alerted the US Government Accountability Office (GAO) about a data breach affecting around 6,000 current and former GAO employees. The breach, carried out by a threat actor exploiting a vulnerability in an externally provided platform, exposed personally identifiable information such as names, social security numbers, addresses, and some banking information. CGI, which provides IT protection for numerous federal agencies, has not yet commented on the incident. The GAO has referred questions about the impact of the breach to CGI.

Key US government body says it might have been breached, with thousands of employees affected

Techradar

Techradar · 1y ago

Key US government body says it might have been breached, with thousands of employees affected

A possible breach at CGI Federal, a third-party contractor providing IT services, may have resulted in the theft of sensitive data belonging to around 6,600 employees of the US Government Accountability Office (GAO). The breach, which occurred in January 2024, involved stolen information such as names, social security numbers, addresses, and some banking details. The vulnerability exploited by the attackers remains undisclosed. CGI Federal provides cybersecurity services for multiple US government agencies, including the State, Justice, Commerce, and Labor departments, along with the Federal Communications Commission and US State for International Development.

Canadian federal police says they were targeted by cyberattack

Reuters · 1y ago

Canadian federal police says they were targeted by cyberattack

Canadian federal police have reported being targeted by a cyberattack, although they assure the public that there is no impact on operations and no known threat to the safety of Canadians. The Royal Canadian Mounted Police (RCMP) is currently investigating the breach to determine its extent. This follows a data breach in the Canadian government's foreign affairs department last month, indicating an increasing trend of cyberattacks on critical infrastructure in the country. The government has yet to disclose further details on the recent attack.

Rite Aid says breach exposes sensitive details of 2.2 million customers

Arstechnica

Arstechnica · 1y ago

Rite Aid says breach exposes sensitive details of 2.2 million customers

Rite Aid, the third largest US drug store chain, has announced a data breach affecting over 2.2 million customers. The breach, which occurred between June 2017 and July 2018, resulted in the theft of personal information such as driver's license numbers, addresses, and dates of birth. The stolen data was linked to purchases or attempted purchases of retail products. Rite Aid detected the incident within 12 hours and launched an investigation, though no social security numbers, financial information, or patient data were compromised. Ransomware group RansomHub has claimed responsibility for the attack. This incident follows a previous data breach in 2023 that affected over 24,000 customers.

Massive leak reveals extent of China’s foreign hacking activities

Techradar

Techradar · 1y ago

Massive leak reveals extent of China’s foreign hacking activities

Chinese police are investigating a major data leak from a private security contractor with suspected ties to Chinese state security. The leaked data, posted on GitHub, provides unprecedented insights into international cybersecurity operations. The documents reveal hacking activity, tools used, and targets such as government agencies and universities. The authenticity of the documents is yet to be confirmed. The leak also sheds light on the inner workings of the firm, including employee complaints and gambling habits. The data breach highlights the reality of global espionage, revealing more office politics than James Bond-style operations.

Health care giant Ascension says 5.6 million patients affected in cyberattack

Arstechnica

Arstechnica · 8m ago

Health care giant Ascension says 5.6 million patients affected in cyberattack

Ascension, a health care company, has reported a cyberattack that led to the loss of sensitive data for around 5.6 million individuals. The attack, attributed to the ransomware group Black Basta, disrupted operations and resulted in errors, delays, and diversions of ambulances. The stolen data includes names, medical records, payment information, insurance details, government identification, and personal information. Ascension is notifying affected individuals and offering credit and fraud monitoring, insurance reimbursement, and ID theft recovery services. The US Department of Health and Human Services has classified this breach as the third-largest health care-related breach in 2021.

Naukri bug exposed recruiter email IDs via mobile apps: Report

Economic Times

Economic Times · 3m ago

Naukri bug exposed recruiter email IDs via mobile apps: Report

A bug in Naukri.com's mobile apps exposed recruiters' email addresses, potentially risking phishing attacks and spam, according to TechCrunch. Security researcher Lohith Gowda discovered the vulnerability caused by a flaw in the API used by Naukri’s apps. The web version was unaffected. The issue has been fixed, and Naukri reported no unusual activity affecting user data integrity. Gowda warned the data could be misused in public breach databases or by scammers.

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people | TechCrunch

TechCrunch · 3m ago

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people | TechCrunch

LexisNexis Risk Solutions, a data broker, reported a data breach impacting over 364,000 individuals. The breach, dating back to December 2024, enabled a hacker to access sensitive personal data through LexisNexis's GitHub account. Stolen information includes names, Social Security numbers, and driver licenses. The breach is part of the larger issue of data brokers collecting and selling personal data. Recently, a plan to restrict such practices was scrapped by the U.S. administration.

23andMe says private user data is up for sale after being scraped

Arstechnica

Arstechnica · 1y ago

23andMe says private user data is up for sale after being scraped

Genetic profiling service 23andMe is investigating a data breach after private user data was scraped from its website. The stolen data, advertised for sale on an online crime forum, supposedly includes origin estimation, health information, photos, and identification data. 23andMe confirmed that private data for some users is up for sale, attributing the breach to data scraping. The company believes that login credentials used in the breach may have been obtained from previous incidents involving recycled login credentials. The incident highlights the risks of storing genetic information online.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

June 2025

Helping your parents when you are miles away

The Pit Stop Your Cravings Deserve

The next generation E-commerce platform

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

Just Months After Promotion, Open ...

Microsoft locks down a building a ...

Gaming Ban Stumps Cricket: Virat ...

Download the medial app to read full posts, comements and news.