CyberScoop reports that federal IT contractor CGI Federal revealed that the breach of its systems that resulted in the compromise of data from nearly 6,600 current and former employees at the Government and Accountability Office stemmed from the exploitation of a vulnerability affecting some Atlassian Confluence Data Center and Server versions. Organizations had been warned by the Cybersecurity and Infrastructure Security Agency, the Multi-State Information Sharing and Analysis Center, and the FBI in October regarding the active exploitation of the Atlassian Confluence flaw.
Source: SC Magazine