Friday, October 15, 2021

Transport for NSW confirms data theft in Accellion breach

Must Read

Indian supply-chain giant Bizongo suffers a massive data breach

Indian start-ups have been hit with a string of data breaches in recent days, and Mumbai-based digital supply-chain giant...

Ongoing ransomware attack leaves systems badly affected, says Scottish Environmental Regulator

About a month after the first attack, the Scottish Environmental Protection Agency (SEPA) systems remained offline - and stolen...

Kaseya releases patches for flaws exploited in the REvil ransomware attack

Kaseya Florida-based software vendor On Sunday rolled out a security update for the VSA zero-day vulnerabilities exploited by the...

Transport for New South Wales (TfNSW) has confirmed it will be affected by the cyberattack on the Accellion-run file transfer system.

The Accellion system has been widely used to distribute and store files by organizations around the world, including NSW Transport, the government organization said Tuesday afternoon.

“Before the attack on Accellion servers was interrupted, some Transport for NSW information was taken,” it wrote.

TfNSW said Cyber ​​Security NSW has conducted a state government investigation with the help of forensic experts.

“We are working closely with Cyber ​​Security NSW to understand the impact of these breaches, including customer details,” it said.

It said the breach was limited to Accellion servers and no other TfNSW programs were affected, including those related to driver’s license details or Opal data.

“We recognize that data privacy is paramount and deeply regret that customers may be affected by this attack,” TfNSW said.

The Australian Securities and Investments Commission (ASIC) in January said one of its services was broken earlier this month in connection with the Accellion software used by the agency to transfer files and attachments.

Accellion was also used as a vector to break the Reserve Bank of New Zealand (RBNZ) early last month.

Accellion recently announced the end of its FTA product life after the software was hacked into a recent attack that has plagued many companies and government agencies around the world since December 2020.

The NSW government is not new to breaching notices. In April 2020, Service NSW, the country’s only one-nation service delivery store, encountered a cyber attack that reduced the knowledge of 186,000 customers.

After a four-month investigation that began in April, Service NSW said it had found that 738GB of data, with 3.8 million documents, had been stolen from 47 employees’ email accounts.

It was also revealed in September that details on the thousands of NSW driving license holders had been breached due to AWS’s last folder containing more than 100,000 images that had been accidentally left open.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This