Accellion Was Not Effective in Notifying Customers about Attacks

31
Accellion Was Not Effective in Notifying Customers about Attacks

Accellion recently admitted that it failed to notify its customers about the zero-day security vulnerability in its file transfer application (FTA) as well as the associated cyber-attacks. The threat actors targeted the security error in it, indicated a new KPMG study.

FTA, a large file transfer service, was retired at the end of April 2021 – after 20 years of cooperation. Earlier, Accellion found a critical vulnerability within its service and many hacking attempts targeting the system flaw.

According to KPMG, “We have not sighted evidence that the vendor informed the Bank that the System vulnerability was being actively exploited at other customers. This information, if provided in a timely manner, is highly likely to have significantly influenced key decisions that were being made by the Bank at the time.”

Source: SecurityWeek

For more such updates follow us on Google News ITsecuritywire News