Accellion breach exposed data from patients at major Michigan hospital system

A major Michigan hospital system on Friday notified roughly 1,500 patients that their information may have been exposed as a result of a hack against file-sharing service Accellion. The law firm Goodwin Procter notified Beaumont Health in February that patient data shared by the hospital with legal counsel may have been entangled in the wide-reaching hack through the firm’s use of Accellion. Beaumont Health is a network of health facilities that reported $4.58 billion in total revenue for 2020. A follow-up investigation by Beaumont found that impacted patient health data included patient name, procedure name, physician name, internal medical record number and dates of service. No patient financial information was impacted, the hospital stated in a press release. Beaumont Health joins a list of at least 11 healthcare organizations that were affected by a December breach of the file sharing service Accellion. Two of the victims, Kroger Pharmacy and healthcare insurer […]

The post Accellion breach exposed data from patients at major Michigan hospital system appeared first on CyberScoop.


Ukrainian Police Nab Six Tied to CLOP Ransomware

Authorities in Ukraine this week charged six people alleged to have been part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOP’s victims this year alone include Stanford University Medical School, the University of California, and University of Maryland.

Ukrainian cops seize cash, computers as part of Clop ransomware crew disruption

Ukrainian authorities said Wednesday they’ve taken action against a hacking outfit that was responsible for roughly half a billion dollars in digital extortion in recent years, in a rare example of law enforcement disrupting accused ransomware scammers. Six unnamed suspects are accused of infecting organizations in the U.S. and South Korea with the Clop ransomware. Investigators previously linked prior Clop activity to TA505, a financial hacking group, and a messy data breach at Accellion, in which hackers leveraged access to an IT vendor to threaten a number of its partners. Ukrainian authorities did not explicitly state they have arrested the accused hackers in a statement Wednesday. Police carried out 21 searches in the capital city of Kyiv, including the homes and cars of the defendants, to seize computer equipment and $5 million in Ukrainian hryvnia currency (roughly $184,000 in U.S. dollars). Whether police had targeted Clop developers or an affiliate […]

The post Ukrainian cops seize cash, computers as part of Clop ransomware crew disruption appeared first on CyberScoop.


Accellion Data Breach Highlights Third-Party Risk

Two mega-breaches caused by third parties earlier this year, following the SolarWinds supply chain hack, created a growing tsunami of third-party risk for enterprises and government organizations. Security software provider Accellion also suffered a br…

Rapid7 says attacker accessed its source code in Codecov supply chain hack

An unauthorized party accessed Rapid7 source code via the Codecov supply chain compromise, the cybersecurity company said Thursday, making it the latest confirmed victim known to be swept up in the attack. Rapid7 said it made limited use of Codecov’s affected Bash Uploader tool, used to share code reports with the software auditing company, as part of its managed detection and response program. After conducting an internal investigation, Rapid7 determined to what degree any outsiders might have infiltrated Rapid7 repositories. “A small subset of our source code repositories for internal tooling for our MDR service was accessed by an unauthorized party outside of Rapid7,” the company wrote in a blog post. “We have contacted the small subset of customers who may be impacted by this incident to ensure they take appropriate steps to mitigate any potential risk,” the blog post continued. “Note: If you haven’t been contacted by us about […]

The post Rapid7 says attacker accessed its source code in Codecov supply chain hack appeared first on CyberScoop.


Hacker team-ups pose 2021 threat to financial industry, group cautions

An information sharing group for the financial sector warned on Tuesday that banks will encounter growing danger this year from converging nation-state and criminal hackers, as well as supply chain risks and cross-border attacks. The report from the Financial Services Information Sharing and Analysis Center serves as a recap of threats the industry endured last year, as well as a forecast for 2021. Ransomware and other kinds of extortion attacks were among the biggest hazards for the financial services industry last year, FS-ISAC said. The organization said it expects further use of the increasingly common ransomware method of hackers leaking partial data to incentivize higher victim payments, and it said that more than 100 financial companies received distributed denial-of-service extortion threats last year. The organization also suggested that state-sponsored groups would leverage access or other techniques established by financially motivated scammers to boost their own operations. FS-ISAC did not point […]

The post Hacker team-ups pose 2021 threat to financial industry, group cautions appeared first on CyberScoop.


Bank loses customers’ social security numbers after ransomware attack

Things don’t get much worse than having to admit to your employees that a gang of cybercriminals have broken into your infrastructure, stolen the private details (social security numbers, names and home addresses) of your staff, and are demanding that …

Energy giant Shell impacted in Accellion hack

Oil and gas company Shell is the latest organization to get caught up in the hack that targeted IT provider Accellion’s file-sharing platform, the energy company says. The suspected criminal hackers behind the breach, who have gone after victims around the world using vulnerabilities in Accellion’s file transfer application (FTA), have accessed some personal data as well as data belonging to Shell stakeholders and subsidiaries, the company said on March 16. Shell had used the FTA to securely transfer large files. The incident appears to have only impacted the Accellion file transfer service. Shell claims there is “no evidence” so far that the incident has affected Shell’s IT system itself. Shell is working with authorities and regulators to investigate the incident, the firm said. The list of companies that use Accellion’s FTA that have fallen victim to the Accellion hack continues growing by the day. A Michigan-based savings bank and […]

The post Energy giant Shell impacted in Accellion hack appeared first on CyberScoop.


F5 releases patches for nearly two dozen vulnerabilities, some critical

F5 Networks, a leading provider of enterprise networking equipment, disclosed four critical vulnerabilities and 17 others on Wednesday as the recent parade of major flaws needing patches marches ahead. Three of the vulnerabilities would allow hackers to remotely execute code on target networks. It’s the second time in two years that F5 has disclosed such a flaw. In 2020, both Cyber Command and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued warnings about the earlier reported vulnerabilities. F5 joins Microsoft, SolarWinds and Accellion on the list of companies that have needed to release major patches in recent months. In the case of F5 so far, “We are not aware of any active exploits for these vulnerabilities,” spokesperson Rob Gruening said. The flaws affect both the F5 BIG-IP local traffic manager and BIG-IQ centralized management software. The company announced fixes for all of the vulnerabilities. Despite the […]

The post F5 releases patches for nearly two dozen vulnerabilities, some critical appeared first on CyberScoop.


Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affected Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.
