vz-risk / VCDB

VERIS Community Database
Other
578 stars 180 forks source link

Australia's securities regulator says server hit by cyber security breach - Accellion #16942

Closed swidup closed 2 years ago

swidup commented 3 years ago

https://www.reuters.com/article/us-australia-cyber-asic/australias-securities-regulator-says-server-hit-by-cyber-security-breach-idUSKBN29U0S7

https://www.databreaches.net/fears-grow-data-hacked-from-reserve-bank-may-be-leaked-by-clop-ransomware-group/

swidup commented 3 years ago

https://www.theregister.com/2021/01/25/asic_accellion_breach/

https://toronto.ctvnews.ca/cyberattack-hits-vaccine-records-for-thousands-of-durham-region-children-ctv-news-investigation-1.5543525

swidup commented 3 years ago

Washington State auditor's office https://www.khq.com/news/washington-state-auditors-office-suffers-security-breach-seattle-times-reports/article_641dbe82-62ac-11eb-9063-a33a89824152.html

https://www.geekwire.com/2021/data-breach-exposes-1-6-million-washington-state-residents-filed-unemployment-claims-2020/ 1.6 million records

swidup commented 3 years ago

Goodwin Procter https://www.law.com/americanlawyer/2021/02/03/vendor-responsible-for-goodwin-breach-has-some-other-big-law-clients/

https://www.law.com/americanlawyer/2021/02/03/vendor-responsible-for-goodwin-breach-has-some-other-big-law-clients/

https://www.abajournal.com/news/article/goodwin-procter-reports-data-breach-due-to-hack-of-third-party-vendor

https://news.bloomberglaw.com/us-law-week/goodwin-procter-says-it-was-hit-by-data-breach-of-vendor

swidup commented 3 years ago

University of Colorado https://denver.cbslocal.com/2021/02/09/cu-cyberattack-personal-information-compromised-students-employees/

swidup commented 3 years ago

Singtel https://www.zdnet.com/article/singtel-hit-by-third-party-vendors-security-breach-customer-data-may-be-leaked/

swidup commented 3 years ago

QIMR Berghofer Medical Research Institute https://portswigger.net/daily-swig/australian-research-institute-confirms-likely-data-breach-after-third-party-accellion-hack

swidup commented 3 years ago

https://www.databreaches.net/accellions-data-breach-left-clients-in-tough-position-pay-extortion-to-criminals-or-have-their-data-dumped/ list of victims include:

By last night, this site could find data dumps by CLOP threat actors for a number of Accellion clients in addition to Jones Day. Not all of the following have issued statements or press releases confirming that their data had been stolen:

SingTel  had previously reported that the breach impacted 129,000 people, and a number of their clients and employees. They  received a ransom demand.
Fugro 
American Bureau of Shipping (Eagle.org)
Danaher.com

Other known victims have not (yet?) shown up on the dark web leak site. There has been some media coverage or statements by these entities, but so far, there has been no report that they received ransom demands and as of this morning, they do not appear on CLOP’s leak site.

Royal Bank of New Zealand
Allens law firm in Australia
Goodwin Procter law firm
The Australian Securities and Investments Commission (ASIC)
Washington State
University of Colorado
QIMR Berghofer
swidup commented 3 years ago

Kroger https://www.databreaches.net/kroger-reports-accellion-data-breach-affecting-pharmacy-records-associate-hr-data/

https://finance.yahoo.com/news/kroger-pharmacy-customer-data-impacted-165106034.html

And Kroger's other brands are also affected, including Dillons https://www2.ljworld.com/news/public-safety/2021/feb/19/medical-data-personal-data-targeted-as-part-of-hack-of-dillons-pharmacy-locations/

swidup commented 3 years ago

Mandiant said an unknown attacker that it is tracking as UNC2546 exploited four zero-day vulnerabilities in Accellion's File Transfer Appliance (FTA) sometime in mid-December 2020. The four vulnerabilities, all of which are now patched, are: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, and CVE-2021-27104. https://www.darkreading.com/attacks-breaches/accellion-data-breach-resulted-in-extortion-attempts-against-multiple-victims/d/d-id/1340226

swidup commented 3 years ago

Transport for NSW https://www.itnews.com.au/news/transport-for-nsw-data-stolen-in-accellion-breach-561396

NSW Health https://news.softpedia.com/news/nsw-health-confirms-data-breach-due-to-accellion-flaws-533148.shtml

swidup commented 3 years ago

Bombardier https://www.zdnet.com/article/airplane-maker-bombardier-data-posted-on-ransomware-leak-site-following-fta-hack/ data posted

swidup commented 3 years ago

accellion-fta-attack-mandiant-report-full.pdf Mandiant's final report

swidup commented 3 years ago

Qualys https://blog.qualys.com/vulnerabilities-research/2021/03/03/qualys-update-on-accellion-fta-security-incident?mkt_tok=Nzk3LUVOSS03NDIAAAF7mZPnKjzUmeOE09Edz3OhZSR1Uc5vm_fQJtNPvv3uYHqwGiNzJ2JCc237PKMqyZlB72W-t5KRq8TWDcsjsf-IJotyeRpfAGmpiWFQEJsN7zgJvLk

https://www.teiss.co.uk/qualys-victim-of-accellion-fta-vulnerability/

https://blog.qualys.com/vulnerabilities-research/2021/04/02/qualys-update-on-accellion-fta-security-incident

swidup commented 3 years ago

CSX https://www.freightwaves.com/news/csx-probes-security-incident-as-hackers-leak-data

swidup commented 3 years ago

Nova Scotia Health Employees' Pension Plan https://www.cbc.ca/news/canada/nova-scotia/nova-scotia-health-employees-pension-plan-security-breach-1.5939806

swidup commented 3 years ago

https://www.reuters.com/article/dataprivacy-accellion-latham/accellion-taps-latham-as-fallout-spreads-from-data-breach-idUSL2N2L31D5 and the class actions have begun.

swidup commented 3 years ago

Flagstar Bank https://www.zdnet.com/article/flagstar-bank-customer-data-breached-through-accellion-hack/

swidup commented 3 years ago

Trillium Community Health Plan https://www.databreaches.net/trillium-community-health-plan-members-impacted-by-accellion-breach/

Nova Scotia Health Employees’ Pension Plan (NSHEPP) https://www.databreaches.net/ca-personal-data-of-50000-n-s-health-care-workers-may-have-been-compromised-by-accellion-breach/

swidup commented 3 years ago

Southern Illinois University School of Medicine https://www.databreaches.net/southern-illinois-university-school-of-medicine-impacted-by-accellion-breach-notifies-patients/

swidup commented 3 years ago

Centene https://news.bloomberglaw.com/tech-and-telecom-law/centene-sues-accellion-over-personal-health-data-exposed-in-hack

https://healthitsecurity.com/news/accellion-breach-tally-for-centenes-subsidiaries-1.3m-patients-impacted

swidup commented 3 years ago

Arizona Complete Health https://www.beckershospitalreview.com/cybersecurity/ransomware-attack-exposes-27-000-arizona-health-plan-members-data-for-2-5-weeks.html

swidup commented 3 years ago

Shell https://www.computerweekly.com/news/252498363/Oil-giant-Shell-hit-through-Accellion-FTA-breach

Morgan Stanley https://news.softpedia.com/news/morgan-stanley-suffers-data-breach-following-accellion-fta-s-attack-533491.shtml

swidup commented 3 years ago

University of Colorado, Boulder and the University of Miami Data published https://edscoop.com/university-of-colorado-u-miami-ransomware-accellion/

https://news.yahoo.com/310-000-records-compromised-university-181145836.html

swidup commented 3 years ago

CalViva Health hit with data breach - Health Net Community Solutions, Inc http://sjvsun.com/news/health/calviva-health-hit-with-data-breach/

swidup commented 3 years ago

University of California https://ucnet.universityofcalifornia.edu/news/2021/03/uc-part-of-nationwide-cyber-attack.html UC Davis https://www.ucdavis.edu/news/uc-among-targets-nationwide-cyberattack UC Berkeley https://portswigger.net/daily-swig/uc-berkeley-confirms-data-breach-becomes-latest-victim-of-accellion-cyber-attack

swidup commented 3 years ago

Yeshiva University https://yucommentator.org/2021/04/hackers-steal-yu-students-and-employees-personal-information-in-accellion-security-breach/

swidup commented 3 years ago

Stanford School of Medicine https://www.mercurynews.com/2021/04/01/investigation-underway-into-stanford-personal-data-breach

Harvard Business School https://www.thecrimson.com/article/2021/4/2/experts-explain-hbs-data-breach/

swidup commented 3 years ago

RaceTrac Petroleum Inc. https://csnews.com/racetrac-shell-impacted-third-party-cybersecurity-incident

swidup commented 3 years ago

Trinity Health https://www.beckershospitalreview.com/cybersecurity/hackers-download-trinity-health-patients-phi-5-details.html

https://medcitynews.com/2021/04/500000-trinity-health-patients-affected-in-widespread-accellion-data-breach/ patient count

EvergreenHealth https://www.evergreenhealth.com/data-breach-notice

swidup commented 3 years ago

City of Toronto https://www.databreaches.net/toronto-hit-by-potential-cyber-breach-from-accellion-file-transfer-software/

swidup commented 3 years ago

Jones Day https://www.abajournal.com/news/article/jones-day-documents-hacked-in-vendor-breach-reveal-chicago-drone-program-details?

swidup commented 3 years ago

Accellion's Failure to Warn RBNZ of Security Flaws Led to Hack https://news.softpedia.com/news/accellion-s-failure-to-warn-rbnz-of-security-flaws-led-to-hack-533099.shtml

swidup commented 3 years ago

https://www.beckershospitalreview.com/cybersecurity/accellion-data-breach-victims-topple-3-47-million-10-hospital-healthcare-orgs-hit.html

Here are the organizations that have reported Accellion-related data breaches so far, ranked by the number of individuals affected:

Kroger Pharmacy: 1,474,284

Health Net: 1,236,902

Trinity Health (Livonia, Mich.): 586,869

California Health & Wellness: 80,138

Trillium Health Plan: 50,000

Arizona Complete Health: 27,390

CalViva: 15,287

Stanford Medicine (Palo Alto, Calif.): unknown

The University of Miami Health (Coral Gables, Fla.): unknown

Centene Corp. (parent company to other insurers): unknown

swidup commented 2 years ago

https://www.reuters.com/legal/litigation/accellion-reaches-81-mln-settlement-resolve-data-breach-litigation-2022-01-13/