Exploitation of Accellion’s FTA has claimed a new victim: the Washington State Auditor Office, in a breach that affected the PII in over 1.6 million employment claims. The SAO revealed the breach in a security notification published today, saying that data files belonging to the Employment Security Department were accessed by an unauthorized party in December 2020.
Washington SAO Data Breach
Accellion’s popular file transfer service, FTA, is known to have had a zero-day bug that threat actors have exploited since last year to access data belonging to several companies, including government agencies. Customers use Accellion’s software to transfer files securely with outside parties, so its security needed close attention.
Exploitation of the bug led to data breaches at many of its clients, from the Reserve Bank of New Zealand to Harvard Business School to the Australian Securities and Investments Commission (ASIC). Now a new victim of the same cause has joined the list: the Washington State Auditor Office (SAO).
The SAO has published a security breach notification on its website saying that it was a victim of this attack, of which Accellion informed it on January 25th. It said the breach happened in late December last year, and that it is now seeking more information about the incident timeline and the status of the investigation.
From what is known so far, it said that data files belonging to the Employment Security Department (ESD), which contain PII of Washington residents, were breached in the incident. It said, “These ESD data files contained unemployment compensation claim information including the person’s name, social security number and/or driver’s license or state identification number, bank account number and bank routing number, and place of employment.”
The FTA bug was patched immediately with an update pushed in mid-December, and those who updated could have been safe. The investigation is continuing, to learn more about the incident and to reveal new victims if any are found.