Security News > 2021 > February > Singtel Suffers Zero-Day Cyberattack, Damage Unknown

Singtel Suffers Zero-Day Cyberattack, Damage Unknown
2021-02-12 17:05

The statement coincided with Accellion's own public acknowledgment that an ongoing vulnerability in FTA eventually led to an information compromise with Singtel and other customer systems.

"The Accellion file transfer product used by Singtel is 20 years old, and continues to be used by many organizations in the financial, governmental and commercial sector to transfer large files, despite Accellion's offering of newer and more secure file-sharing solutions," Chloé Messdaghi, chief strategist, Point3 Security, said via email.

Accellion disclosed the initial vulnerability to Singtel on Dec. 23 when it discovered it.

Then a month later on Jan. 23, Accellion issued another advisory citing a new vulnerability that bypassed the Dec. 27 patch, Singtel said.

Singtel used Accellion FTA "To share information internally as well as with external stakeholders," it said in a website statement.

It said in a statement that it uses Accellion FTA "To receive and share data from clinical trials of anti-malarial drugs," and that about 4 percent of data held on the file-sharing was accessed by an unknown party on Christmas Day.


News URL

https://threatpost.com/singtel-zero-day-cyberattack/163938/