Hi Yoav,

I understand you have concerns about seeing this username that looks like a sql injection attempt. 

One explanation is that someone tried to test the security of the site by creating an account with such a name. This becomes more likely to happen if you happen to be using Jira Service Management, as it has the potential to create an unlimited number of customer level accounts, and in some cases allows those users to create their own accounts.

Another possibility is that if you imported data into Jira from another source (say Jira Server/Data Center or some other issue tracker) Jira can create dummy user accounts in order to associate which issues are reported/assigned to users from that imported data.  Perhaps this user account is something that was imported from a previous data set.

You can see all the user accounts associated with your Cloud site if you go to

https://[yoursitename].atlassian.net/admin/users

You should see all such accounts that could be licensed users, as well an unlicensed JSM customers.  If this account is not in use, you can likely remove it from your site.

But seeing this option in this location does not really give me cause for concern here.  I suspect that somewhere in the issue data of your site, that user once existed in a user field.

Let me know if you have any followup concerns about this.

Andy