The data were found on at least seven different websites. In mid-February, security researchers running French cybersecurity blog Zataz discovered that the personally identifiable information (PII) and medical information of 491,840 French patients were published on a number of places online. Sensitive medical data of 500,000 French patients leaked online As of now, it remains unclear whether sensitive data were breached in the process.ģ. The company is currently working with Finnish authorities and cybersecurity experts to minimize the damage. It later notified the incident to the affected customers and said that services would only resume when the encrypted data got safely recovered. After confirming the ransomware infection, it was forced to turn off services for up to 25 clients. The company initially noticed technical issues with some of its services. Based in Espoo, Finland, and listed on NASDAQ Nordic, TietoEVRY is a major IT managed service provider in the region with clients from a variety of industries. TietoEVRY disclosed a ransomware attack on February 23, which reportedly forced it to shut down parts of its IT infrastructure and suspend certain services to its customers. Finnish IT giant TietoEVRY shuts down services following ransomware attack However, the attack method used in the campaign involved no ransomware.Ģ. A number of victims reportedly received emails containing ransom notes, threatening them to publish their data on Clop ransomware’s leak site. The three other flaws were only discovered in late January 2021 and patched in the weeks after.Īfter the attackers exploited the zero-days, a web shell named DEWMODE was installed to exfiltrate data from Accellion FTA users. It was said that the patch released by Accellion in December 2020 only covered one of the zero-days. The attackers exploited a total of four zero-day vulnerabilities in the legacy Accellion FTA product. FIN11 is a financially-motivated hacking group that has been using Clop ransomware for its attacks since 2019. The good news is that security researchers have finally identified the threat actors behind the attacks to be the FIN11 and Clop ransomware group. New victims identified in the past week included Canadian heavy industries manufacturer Bombardier, American retail giant Kroger, prominent law firm Jones Day, and Transport for NSW. The total number of companies hit by the Accellion FTA zero-day attack has surpassed 100, with at least 25 of them suffering serious data breaches. Accellion FTA attack campaign continues as ties to FIN11 and Clop ransomware unveil
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |