Accellion – A Cautionary Tale

Every data breach serves as a learning experience, both for the companies affected and for those that observe the situation from afar. The recent Accellion breach is certainly no exception. With thousands of companies and educational institutions among the victims, the case is a large-scale example of what can go wrong when a single point of failure cascades to a large group of organizations.

The Story of the Accellion Breach

Accellion, a company that sells file-transfer software to businesses and educational institutions, prides itself on offering secure file transfers to its client organizations. Companies, agencies, and universities use its on-premise software to transfer files from one component of their networks to another. The software is meant to be entirely secure, but the recent breach has belied this claim. The breach was first discovered in December of 2020, and the scale of the problem has become apparent in recent months as thousands of organizations and countless individuals were ultimately affected by a vulnerability within the software. The breach has become a cyber catastrophe of monumental proportions.

Where Exactly Did The Breach Occur?

The Accellion breach stems from a vulnerability within the software itself. Hackers were able to extract information from files being transferred. FireEye, a cybersecurity forensics company, first identified the source of the breach. Since then, Accellion has shored up the vulnerabilities within its software, but far too late for many individuals whose data has been stolen.

Who Were The Hackers?

Investigators believe the hackers belong to the Clop cybercriminal gang, a group that exploits sensitive data in order to collect ransoms. These ransomware attacks are becoming increasingly common as hackers find new ways to profit from cyber criminality.

Who Were The Victims?

After discovering the vulnerabilities in the file-transfer software, hackers were able to use that one access point to leach data from a significant number of sources. Over 3,000 organizations, all clients of Accellion, were targeted in the attack. Universities, companies, government agencies, and hospital groups are included among the victims. Some of the more prominent organizations affected are:

  • U.S. Department of Health and Human Services
  • Stanford University
  • University of California
  • University of Colorado
  • University of Maryland, Baltimore
  • Trinity Health System
  • Kroger Grocery Stores
  • Flagstar Bank
  • Reserve Bank of New Zealand
  • Australian Securities and Investments Commission
  • Australia’s Transport for New South Wales
  • Bombardier (Canadian Jet Manufacturer)
  • Jones Day Law Firm
  • Royal Dutch Shell
  • Singtel

Individuals within these organizations, both clients and employees, had their Social Security numbers and other sensitive data revealed.

Concerns About Similar Attacks on Cloud-Based Services

While the Accellion breach stemmed from vulnerabilities with on-premise devices, experts are concerned that similar hacks could affect cloud-based services. There have already been some incidents that demonstrate this possibility. In 2020, for example, vulnerabilities within the Blackbaud cloud-based service for charities and universities led to a significant breach. Companies and organizations need to remain alert to stave off similar issues in the future. Both cloud-based and on-site services are often vulnerable to attacks.

What You Can Learn From The Breach

As you watch the victims of this recent breach struggle to protect clients and employees, it’s important to keep your organization from becoming a future victim. The cost of reacting to a breach is significant:

  • Identity protection and/or credit monitoring must be offered to any victim for a period of 1 year at your cost
  • IT costs can soar as your network must be assessed, vulnerabilities patched, and new partners or protections onboarded
  • Your brand suffers significant reputational harm

Taking A Proactive Approach

An organization is always better off avoiding a costly breach than cleaning up the mess after the fact. Far too many companies take a reactive approach, responding only after the worst has occurred. Flipping the script to a proactive stance could benefit companies in a multitude of ways.

A responsible business, agency, or educational institution should do everything in its power to ward off an attack. A wise leader will always go the extra mile to mitigate risks before an attack has happened. Just as you would never operate a company without liability insurance or build a website without a firewall, you should never run an organization without making sure the individuals involved – both customers and employees – have all their data protected.

Smart organizations recognize that their most valuable asset is the people they deal with every day. A company is nothing without its customers or employees. Has your company ever considered how best to protect them? For instance, identity protection solutions are readily available and include both retail offerings and white label solutions. The approach that best fits your situation is dependent on many things, but even cursory research will uncover that they can benefit your company in a number of different ways. While mitigating corporate risk is a major component of managing any enterprise, protecting the people you support often goes forgotten until it’s too late.

Seeking Sound Solutions

Don’t leave your organization vulnerable to the type of breach that has devastated Accellion’s partners and clients. You need a 360-degree view of security and protection – and it should include identity protection and monitoring services that proactively protect your most important – and vulnerable – asset, your customers and employees.
