PRESS RELEASES

Accellion Provides Update to FTA Security Incident Following Mandiant’s Preliminary Findings

Mandiant Identifies Criminal Threat Actor and Mode of Attacks

PALO ALTO, Calif., Feb. 22, 2021 (GLOBE NEWSWIRE) — Accellion, Inc., provider of the industry’s first enterprise content firewall, today issued a statement regarding Mandiant’s preliminary findings with regards to the previously reported cyberattacks on Accellion’s legacy FTA product.

Mandiant, a division of FireEye, Inc., has identified UNC2546 as the criminal hacker behind the cyberattacks and data theft involving Accellion’s legacy File Transfer Appliance product. Multiple Accellion FTA customers who have been attacked by UNC2546 have received extortion emails threatening to publish stolen data on the “CL0P^_- LEAKS” .onion website. Some of the published victim data appears to have been stolen using the DEWMODE web shell. Mandiant is tracking the subsequent extortion activity under a separate threat cluster, UNC2582.

Accellion strongly recommends that FTA customers migrate to kiteworks, Accellion’s enterprise content firewall platform. These exploits apply exclusively to Accellion FTA clients: neither kiteworks nor Accellion the company were subject to these attacks. Kiteworks is built on an entirely different code base, using state-of-the-art security architecture, and a segregated, secure devops process. The kiteworks platform is FedRAMP authorized for Moderate CUI, and demonstrates compliance with GDPR, HIPAA, NIST 800-171, FIPS, SOC2, ISO 27001, and other data privacy regulations and standards.

Accellion has patched all known FTA vulnerabilities exploited by the threat actors and has added new monitoring and alerting capabilities to flag anomalies associated with these attack vectors.

Accellion does not access the information that its customers transmit via FTA. Following the attack, however, Accellion has worked at many customers’ request to review their FTA logs to help understand whether and to what extent the customer might have been affected. As a result, Accellion has identified two distinct groups of affected FTA customers based on initial forensics. Out of approximately 300 total FTA clients, fewer than 100 were victims of the attack. Within this group, fewer than 25 appear to have suffered significant data theft.

Accellion continues to offer support to all affected FTA customers to mitigate the impact of the attack.

The following CVEs have since been reserved for tracking the recently patched Accellion FTA vulnerabilities:

To read Mandiant’s preliminary findings on the cyberattack on Accellion’s legacy FTA product, please visit https://www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html. Mandiant’s complete report will be made available in the coming weeks.

To learn more how Accellion helps organizations secure their third party communications, please visit Enterprise Content Firewall.

About Accellion
The Accellion enterprise content firewall prevents data breaches and compliance violations from sensitive third party communications. With Accellion, CIOs and CISOs gain complete visibility, compliance, and control over IP, PII, PHI, and other sensitive content across all third-party communication channels, including email, file sharing, mobile, enterprise apps, web portals, SFTP, and automated inter-business workflows. Accellion has protected more than 25 million end users at more than 3,000 global corporations and government agencies, including NYC Health + Hospitals; KPMG; Kaiser Permanente; AVL; American Automobile Association (AAA); Linde Gas; Tyler Technologies; and the National Institute for Standards and Technology (NIST). For more information, please visit www.accellion.com or call (650) 485-4300. Follow Accellion on LinkedInTwitterFacebook, and Accellion’s Blog.

Media Contact
Rob Dougherty
(650) 687-3163
[email protected]

Accellion and kiteworks are registered trademarks of Accellion USA LLC. in the US and other countries. All other trademarks contained herein are the property of their respective owners.

 

Latest News

Philips advances AI-enabled streamlined workflow solutions in diagnostic X-ray at ECR 2021

March 4, 2021 New partnership with AI software provider Lunit to incorporate its chest detection suite into Philips’ diagnostic X-ray suite Latest release of Philips Digital Radiography and Fluoroscopy system (CombiDiagnost R90) receives FDA 510(k) clearance Amsterdam, the Netherlands – Royal Philips (NYSE: PHG, AEX: PHIA), a global leader in health technology, today announced a […]

UPS Healthcare and The UPS Foundation make financial and in-kind commitment to facilitate equitable worldwide vaccine deliveries

Initial commitment for delivery of 20 million doses to countries in need across four continents Key support for equitable vaccine distribution through COVAX, Gavi, the vaccine alliance and CARE’s Fast + Fair initiative Working with countries across Africa, Asia, Europe and South America to accelerate global vaccination efforts Cold chain, additional freezer capacity is yet […]

ISW Holdings เพิ่มจำนวนชุดขุดเหรียญคริปโตเคอเรนซีที่ใช้งานอยู่อีกสามเท่าด้วยศูนย์ข้อมูล POD5IVE เพิ่มเติม

ลาสเวกัส, March 04, 2021 (GLOBE NEWSWIRE) — ผ่าน InvestorWire — ISW Holdings, Inc. (OTC: ISWH) (“ISW Holdings” หรือ “บริษัท”) กลุ่มบริษัทซึ่งมีผลิตภัณฑ์ที่หลากหลายอันประกอบด้วยสายธุรกิจที่สำคัญซึ่งตอบสนองความต้องการผลิตภัณฑ์ของผู้บริโภคในตลาดที่กระจายศูนย์ มีความยินดีที่จะประกาศว่าหลังจากการลงนามในข้อตกลงการโฮสต์กับ Bit5ive LLC ซึ่งตั้งอยู่ในไมอามี ฟลอริดา และ Scrubgrass Generating Company, LLP ซึ่งตั้งอยู่ใน เคนเนอร์เดลล์ เพนซิลเวเนีย บริษัทได้ประสบความสำเร็จในการเพิ่มชุดขุดเหรียญคริปโตเคอเรนซีเป็นสามเท่าด้วยการเพิ่มศูนย์ข้อมูล POD5IVE ใหม่สอง (2) แห่ง ขณะนี้บริษัทได้ดำเนินการศูนย์ข้อมูล POD5IVE ทั้งหมดสามหน่วยและคาดการณ์ถึงการเร่งกระแสเงินสด การเติบโตของรายได้และความสามารถในการทำกำไร ศูนย์ข้อมูล POD5IVE ที่สร้างขึ้นโดยความร่วมมือกับ Bit5ive เป็นศูนย์ข้อมูลที่มีการออกแบบเชิงวิวัฒนาการ ข้อมูลจำเพาะต่างๆ ได้แก่: พลังการขุดที่ใช้งาน: 62-92 Th/s ขึ้นอยู่กับเครื่องมือขุดเหรียญ แฮชเรท SHA […]