![]() Accellion revealed that it became aware of a then zero-day security vulnerability in the product in mid-December, and subsequently scrambled to patch it. Shell did not say specifically how attackers accessed its Accellion implementation, but the breach is likely related to a series of attacks on vulnerabilities in Accellion FTA, a 20-year-old legacy product used by large corporations around the world. “We have also been in contact with relevant regulators and authorities and will continue to do so as the investigation continues.” “Shell is in contact with the impacted individuals and stakeholders and we are working with them to address possible risks,” the company said in a statement. Shell, the fifth largest company in the world, also revealed several of its global petrochemical and energy company affiliates were impacted.Īccording to the company, once it learned of the incident, Shell immediately addressed the vulnerabilities with its service provider and cybersecurity team, and started an investigation to better understand the nature and extent of the incident. However, because its Accellion implementation its core IT systems were unaffected by the breach, “as the file transfer service is isolated from the rest of Shell’s digital infrastructure,” the company said. “Shell uses this appliance to securely transfer large data files.”Īttackers “gained access to “various files” containing personal and company data from both Shell and some of its stakeholders, acknowledged the company. ![]() “Shell has been impacted by a data-security incident involving Accellion’s File Transfer Appliance,” the company revealed on its website last week. Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance (FTA) product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |