Category Archives: fin11

Energy giant Shell impacted in Accellion hack

Posted on by

Oil and gas company Shell is the latest organization to get caught up in the hack that targeted IT provider Accellion’s file-sharing platform, the energy company says. The suspected criminal hackers behind the breach, who have gone after victims around the world using vulnerabilities in Accellion’s file transfer application (FTA), have accessed some personal data as well as data belonging to Shell stakeholders and subsidiaries, the company said on March 16. Shell had used the FTA to securely transfer large files. The incident appears to have only impacted the Accellion file transfer service. Shell claims there is “no evidence” so far that the incident has affected Shell’s IT system itself. Shell is working with authorities and regulators to investigate the incident, the firm said. The list of companies that use Accellion’s FTA that have fallen victim to the Accellion hack continues growing by the day. A Michigan-based savings bank and […]

The post Energy giant Shell impacted in Accellion hack appeared first on CyberScoop.

Continue reading Energy giant Shell impacted in Accellion hack

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

Posted on by

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affacted Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.

Continue reading Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

FireEye IDs hacking group suspected in Accellion, Kroger breach

Posted on by

Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months.  Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC3546 was behind the incident.  The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA.  “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […]

The post FireEye IDs hacking group suspected in Accellion, Kroger breach appeared first on CyberScoop.

Continue reading FireEye IDs hacking group suspected in Accellion, Kroger breach