ComputerWeekly reported that Qualys, a supplier of cloud-based security services, is the latest victim of the Accellion file transfer application breach after some of its customer data were published in a Cl0p ransomware gang-operated dark web leak site. Ben Carr, chief information security officer at Qualys, confirmed the incident and said the company used the FTA tool for customer support-related file transfers in an environment not connected to its Qualys Cloud Platform. “Qualys and Accellion conducted a detailed investigation and identified unauthorised access to files hosted on the Accellion FTA server,” Carr said. "As a security company, we continue to look for ways to enhance security and provide the strongest protections for our customers. We have engaged FireEye Mandiant, which also worked with Accellion on the wider investigation,” he added. ImmuniWeb’s Ilia Kolochenko lauded Qualys’ “transparent and professional handling of a security incident,” saying that the “very nature of the incident suggests that the number of affected customers and other third parties is likely very limited. Moreover, sensitive data, such as vulnerability reports or customer passwords, are almost certainly unaffected.”
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Investigation into the incident, which may have been caused by a successful phishing attack, is still underway, reported officials, who noted that the recovery of impacted law enforcement systems is being prioritized.
Infiltration of Michigan Medicine's employee email accounts on May 23 and 29 enabled the exfiltration of individuals' names, birthdates, addresses, medical record numbers, diagnostic and treatment details, and health insurance information, as well as the Social Security numbers of four patients.
Included in the leaked database were BreachForums 1.0 members' user IDs, login names, email addresses, registration IP addresses, and last used IP addresses.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news