On August 25, 2021, Workiva received a Confluence Security Advisory which identified a vulnerability in the Confluence Data Center that was actively being exploited in the wild.
Following notification, Workiva quickly enabled the recommended hotfixes, initiated our emergency patching processes, and conducted an investigation to determine whether our servers had been targeted. As of September 4, all Confluence servers in our environment have been patched and are no longer vulnerable.
To date, our investigation into this vulnerability has found no evidence of unauthorized access or other impact to the Workiva platform or our customers' data.
We will continue to monitor the situation.
For more information, please see the Confluence Security Advisory: https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html