© Reuters. FILE PHOTO: A hand on a laptop with binary codes is seen in front of the U.S. flag in this illustration taken August 19, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
By Rafael Satter
WASHINGTON (Reuters) – A U.S. government data breach revealed earlier this year was related to a bug in enterprise software maker Atlassian's (NASDAQ ) Confluence collaboration toolset, an IT contractor said on Tuesday. .
CGI Federal, an IT contractor and unit of CGI Inc, said in a statement that it was working “with authorities and clients to identify and disclose any data affected by the Confluence exploit,” which became public in October.
Reuters has not been able to determine the size and scope of the breach. On Monday, the Government Accountability Office told Reuters that 6,000 current and former GAO employees had been victims of a data breach by an unnamed “threat actor” in connection with the attack. It has not been publicly disclosed whether other government agencies have been affected.
Atlassian did not immediately respond to a request for comment. The U.S. cyber watchdog agency, the Cybersecurity and Infrastructure Security Agency, did not immediately respond to an email.
