Google, Yahoo, NASA, Lenovo, 1Password, Zendesk, as well as governing bodies left unprotected private details that could have jeopardized their developments. The information becomes public when a setting is used for controlling the visibility of filters and dashboards for projects on Jira servers is set up for anonymous access. Jira has a user picker functionality that allows retrieving a complete list of usernames and email addresses on the misconfigured exposed servers. Government domains, private companies and educational institutions were affected.
Source: https://www.bleepingcomputer.com/news/security/misconfigured-jira-servers-leak-info-on-users-and-projects/