- #Accellion breach reddit Patch#
- #Accellion breach reddit full#
- #Accellion breach reddit software#
- #Accellion breach reddit license#
Plaintiffs also alleged that Accellion failed to disclose the inadequacy of its security practices.Īccording to documents filed in Californian federal court, Accellion accepts no liability for the breach and has denied all of the allegations. The class action lawsuit accused Accellion of failing to implement and maintain appropriate data security practices to protect its clients’ sensitive data and failing to detect vulnerabilities in the security of its FTA. By February 2021, four additional vulnerabilities associated with the platform were disclosed and issued CVEs.
#Accellion breach reddit Patch#
Many Accellion clients were impacted by the breach, including Shell, The University of California, Stanford University School of Medicine, Bombardier, University of Miami Health, Trillium, Community Health Plan and Kroger.Īccellion identified a zero-day vulnerability in the product in mid-December 2020 and released a patch to address the flaw. The recommended actions for any organization, whose infrastructure includes FTAs, are to first determine if. The root cause of the breach was the exploitation of multiple vulnerabilities in their legacy File Transfer Appliance (FTA).
#Accellion breach reddit license#
Sensitive data potentially compromised and stolen in the incident included names, contact information, dates of birth, Social Security numbers, driver’s license numbers and healthcare data. Accellion, a managed service provider focused on collaboration and secure file sharing, was recently. Before the cyber-attack occurred, Accellion actively phased out the FTA and encouraged its clients to use a newly developed file transfer solution named Kiteworks.įour months before the legacy file transfer solution was due to be retired on April 30 2021, it was attacked by two advanced persistent threat (APT) groups linked to FIN11 and the CLOP ransomware gang.īy exploiting unpatched vulnerabilities in the FTA, the attackers were able to gain access to the files of Accellion’s clients from which they exfiltrated a sizable amount of data. The class action lawsuit was filed on behalf of victims whose personal information was exposed during a cyber-attack on Accellion’s file transfer appliance (FTA).Īccellion had been using the FTA for more than 20 years to securely share files deemed too sensitive or large to be sent over email. BlackCat, a ransomware group, that breached Reddit infra & stole 80GB of internal data through a phishing campaign targeting employees, now want not. The spokesperson said it was working with its clients who were caught up in the breach to move them to its premier file sharing platform which had the highest level of security.Californian technology company Accellion Inc has reached an $8.1m settlement to resolve a legal claim relating to a data breach in December 2020. breach from cyberattack on dental insurer. For their protection, we do not comment on specific customers." Reddit spokesperson declined to answer TechCrunchs questions but confirmed. "We will share more information once this assessment is complete.
#Accellion breach reddit full#
"Accellion is conducting a full assessment of the File Transfer Appliance (FTA) data security incident with an industry-leading cybersecurity forensics firm. In response to the central bank's claim, a spokesperson for Accellion said it would not comment on individual customers. UC system Accellion Data Breach leaked personal and financial information /news/2. Threat actors associated with financially-motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using. Accellion failed to notify the bank for five days that an attack was occurring against its customers around the world, and that a patch was available that would have prevented this breach.
"We had no warning to avoid the attack which began in mid-December. In a statement released yesterday, the bank's governor Adrian Orr said it took Accellion five days to notify it about the problem, in which time it could have avoided the hack.
#Accellion breach reddit software#
The central bank revealed last month a third party file sharing service it uses to store and send sensitive information was hacked.Īt the time, the US company which operates the software, Accellion, said it discovered a vulnerability in its software in mid-December and notified its customers within 72 hours about a patch to fix the issue. Reserve Bank of New Zealand Photo: RNZ / Alexander Robertson
0 kommentar(er)
