Data Stolen 1.6 Million Americans Due To Security Breach At Cloud Company


Due to a vulnerability at cloud provider Accellion, the data of 1.6 million residents of the US state of Washington has been stolen, the Office of the Washington State Auditor has said. Previously, Australian and New Zealand government agencies were also victims of the attack.


Accellion offers a solution for exchanging files. A vulnerability in this service made it possible for an attacker to gain access to customer files at the end of December. Although the attack took place in late December, the Washington State Court of Auditors was informed by Accellion last week that it had also fallen victim to the attack.


The attacker gained access to databases of local governments and state agencies, including the Washington Department of Social Affairs and Employment. This includes information about people who applied for unemployment compensation, such as name, social security number, driver's license or state identification number, bank account number and employer.


"I want to make it clear that this was an attack on a third-party service provider. The Department of Social Affairs and Employment did not cause this and is in no way responsible for the incident," said Pat McCarthy, head of the court.


Earlier, the New Zealand central bank and the Australian Securities and Investments Commission (ASIC) also announced that they had been victims of the attack on Accellion. Accellion has said in a statement that the file sharing service has been hit by a "sophisticated attack". However, details showing that this is a complex attack are not provided. More than 40 of the company's customers were victims of the attack.

Previous Post Next Post