Fwd: Atlassian Security Breach - Change Password

[Corey Chandler <corey () sequestered net>]

Just got this in my email.  Very interesting, I thought-- who the heck
doesn't hash passwords in this day and age?

-- Corey / KB1JWQ

----- Forwarded message from Glenn Butcher <gbutcher () mailer atlassian com> -----

> Date: Mon, 12 Apr 2010 10:44:19 -0600
> From: Glenn Butcher <gbutcher () mailer atlassian com>
> To: REDACTED
> Subject: Atlassian Security Breach - Change Password
>
>
>                      To view this email as a web page, go here.
> Atlassian
>
>
> We are sending you this message because we experienced a security breach and
> suspect that your Atlassian customer account password details (only) may have
> been compromised.
>
> It is very unlikely that an unauthorised user has had the opportunity to log in
> to your account so far and if they have, there is very little in the way of
> personal information which could have been accessed. However, to minimise any
> further risk to your Atlassian account being compromised, we strongly recommend
> that you change your Atlassian account password as soon as possible using the
> procedure below.
>
> Be aware that this security issue only affects Atlassian customers who created
> an Atlassian account and purchased one of our products before June 2008. Since
> then, we have been using a more secure user management system based on
> Atlassian's Crowd product. When you change your Atlassian account password
> using the procedure below, your Atlassian customer account details will be
> stored in our updated Crowd user management system, which will further minimise
> the chance of a security breach occurring in future.
>
> Procedure for changing your Atlassian customer account password:
>
> 1) Login to http://my.atlassian.com
> 2) Click "My Profile" (3rd tab)
> 3) Click "Change Password" (in Contact Information section)
> 4) Update your password to a new value
>
> Atlassian apologises for the inconvenience caused. However, this is an
> extremely rare event for us and since we take security issues seriously, we are
> taking every precaution possible to minimise the effects of this security
> breach.
>
> Sincerely/Best regards,
> Glenn Butcher
> Director of IT
>
>
> AtlassianAtlassian NewsletterAtlassian BlogsFollow Atlassian on Twitter
> *
>
> This email was sent to: atlassian () jury sequestered net
>
>
> This email was sent by: Atlassian
> 173-185 Sussex Street, Sydney, NSW, 2000, Australia              [newpowered]
>
>
>
> We respect your right to privacy - view our policy

----- End forwarded message -----
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php