I tried to test JIRA and things were really bad
Long story short.
I have an account with Atlassian, and I use many of their services. One of my customers mentioned to me the connection between JIRA (a part of the service of Atlassian) and Microsoft 365, so we decided to test JIRA. At first, it was easy, I just signed with my Atlassian account, go to JIRA, and I signed with the service. Fine.. but 5 minutes later I receive the next email:
JIRA never mentioned that I needed some kind of identification.
And worse, my entire account is blocked with all the other services! all my information is captive and not just JIRA.
The email says that I can recover my account using:
Official documentation includes, but is not limited to, a government-issued driver's license or identification card, passport, utility bill, mortgage or bank statement, etc. Please make sure your full name and address are clearly visible.
And it is easy to say than done.
I pay most of my utilities via my bank, so I don't get bills
I checked my bank statement (account and credit card) and it shows my name but not my address.
It is the same with my mortgage, my name but not my address. I think banks (at least in my country, are less willing to show addresses).
So I will use my driver's license and my national id. In any case, it is a huge security risk but, what I can do?
ps: I don't think terrorists use JIRA at all.
ps2: In fact, I think the opposite, terrorists must use JIRA, because f*ck them! while legit users must use something else.
Update July 23, 2023
Today, my account is still disabled, however, I am still receiving spam from part of them to join them in some services. i.e. they want me to join them, using the same account that they blocked. Are they thinking straight?
The email: