Accellion’s Oil Spillover Flaw
The biggest “sleeper” attack of the year so far, the hacking of a little-known cloud company called Accellion didn’t get as much press as other hacks but had big implications worldwide. In December, the ransomware gang ClOP used security flaws in one of Accellion’s most widely used products to hack the files of dozens of prominent entities throughout the world. The victims included Shell Oil, about a half dozen American universities, a Canadian aerospace manufacturer, banks and transportation agencies, a telecom conglomerate in Singapore, and one of America’s largest supermarket chains, Kroger, among others.
Of course, as of this writing, 2021 is only halfway over. At the rate we’re going so far this year, these major hacks are unlikely to be the last.
Update 12:10 pm ET, July 13: Added Kaseya hack.
Update 6:10 pm ET, Oct. 7: Added Twitch hack.
Related Articles
Federal Cyber Experts Thought Microsoft’s Cloud Was Garbage. They Approved It Anyway.
The government relies, in part, on third-party firms to vet cloud technology, but those firms are hired and paid by the company being assessed.
