Tom Pullar-Strecker reports: A ransomware gang appears to be releasing confidential data obtained from the hack of customers of US software company Accellion, raising fears that New Zealand banks may be next to have data exposed. The Reserve Bank admitted it had been subject to a serious data breach in January, which occurred when a…
Category: Subcontractor
Transport for NSW confirms data taken in Accellion breach
Aras Barbaschow reports: Transport for New South Wales (TfNSW) has confirmed being impacted by a cyber attack on a file transfer system owned by Accellion. Read more on ZDNet.
FireEye and Accellion provide more details on attack
Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…
Kroger reports Accellion data breach affecting pharmacy records, associate HR data
Updated March 9: This incident subsequently appeared on HHS’s public breach tool as having been reported to HHS on February 19 and impacting 368,100 patients. Brian Planalp reports: Kroger is informing some customers and associates that a third-party software company it uses for data services recently suffered a data breach. Kroger’s own IT systems were not…
Accellion’s data breach left clients in tough position: pay extortion to criminals, or have their data dumped (with updates)
A breach involving Accellion‘s older file transfer application has left a number of its customers in the unenviable position of not only having a data breach to deal with, but with the added threat that their data and their clients’ data will be dumped by threat actors if they do not pay extortion demands. At…
UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach
Update: As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any…