Energy giant Shell disclosed a data breach after attackers compromised the company’s secure file-sharing system powered by Accellion’s File Transfer Appliance (FTA).
Shell (Royal Dutch Shell plc) is a multinational group of petrochemical and energy companies that employs more than 86,000 people in over 70 countries.
It is also the fifth-largest company in the works based on its 2020 revenue results according to Fortune’s Global 500 rankings.
Shell disclosed the attack on the company’s website and stated that the incident only affected the Accellion FTA appliance used to transfer large data files securely.
On becoming aware of the incident, Shell addressed the vulnerabilities with its service provider and cyber security team, and started an investigation to better understand the nature and extent of the incident.
However, there is no evidence of any impact to Shell’s core IT systems as the file transfer service is isolated from the rest of Shell’s digital infrastructure.
The company reported the incident to the relevant data authorities and regulators after discovering that the attackers gained access to files transferred using the compromised Accellion FTA appliance.
Some of the data accessed during the attack belongs to stakeholders and Shell subsidiaries. The company regrets for the inconvenience caused and they are in contact with the affected individuals and stakeholders and are working with them to address possible risks.
Even though the identity of the attackers was not disclosed by the company, a joint statement published by Accellion and Mandiant last month links them to the FIN11 cybercrime group.
The Clop ransomware gang was also using an Accellion FTA zero-day vulnerability (disclosed in mid-December 2020) to compromise and steal data from multiple companies.
Accellion said that 300 customers were using the 20-year-old legacy FTA software, with less than 100 of them being breached by the Clop ransomware gang and FIN11.
Image Credits : JWN Energy