Atlassian’s Hipchat App Hacked
Atlassian messaging app Hipchat was the subject of an attack over the weekend. Intruders accessed account names and e-mail addresses, as well as Hipchat’s encrypted database of account passwords.
Hipchat’s chief security officer Ganesh Krishan told users that, although they had been accessed, the security of Atlassian storage of Hipchat passwords meant that they were still considered secure.
“This weekend, our security intelligence team detected an incident affecting HipChat.com that may have resulted in unauthorised access to user account information (including name, e-mail address and hashed password),” his statement said.
“HipChat hashes passwords using bcrypt with a random salt. In our security investigation, we found no evidence of unauthorised access to financial and/or credit card information. We can also confirm that we have found no evidence of other Atlassian systems or products being affected.”