Total Tests:

Qualys caught up in Accellion FTA breach

By Alex Scroxton for ComputerWeekly
Friday, March 5, 2021

The scope of the Accellion FTA breach has now widened to include cloud-based security services supplier Qualys, which has had some of its customer data published to a dark web leak site operated by the Cl0p ransomware gang, as reported by our sister title LeMagIT.

ImmuniWeb’s Ilia Kolochenko commented: “Qualys’ response to the incident is a laudable example of transparent and professional handling of a security incident. Under the integrity of currently disclosed circumstances, I see absolutely no reason for panic.

“The very nature of the incident suggests that the number of affected customers and other third parties is likely very limited. Moreover, sensitive data, such as vulnerability reports or customer passwords, are almost certainly unaffected.

“So, I would definitely refrain from labelling the attack as a breach, but rather a security incident. A third-party investigation will likely shed light on the situation and hopefully will bring even more assurance to Qualys customers.”

Qualys joins a growing number of users of Accellion’s FTA product to have found data stolen via four different vulnerabilities – two found in December 2020 and two in January 2021 – released on Cl0p’s victim-shaming site. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential