Security News > 2021 > March > Qualys hit with ransomware: Customer invoices leaked on extortionists' Tor blog
Files appearing to originate from Qualys were dumped online this afternoon on the Tor blog of the Clop criminal extortionists.
Ransomware gang specialist Brett Callow, of infosec biz Emsisoft, told The Register: "Entities that have had dealings with Qualys should be on high alert."
In 2016 Qualys itself published research into vulns in Accellion devices, though that is no indicator of whether or not the appliances were in use by Qualys itself for their intended purpose.
Qualys issued a statement last night to say it had "Received new information about a previously identified zero-day exploit in a third-party solution, Accellion FTA, that Qualys deployed to transfer files as part of our customer support system."
It insisted that there was "No impact on the Qualys production environments, codebase or customer data hosted on the Qualys Cloud Platform. All Qualys platforms continue to be fully functional and at no time was there any operational impact."
"Accordingly, Qualys shut down the affected Accellion FTA servers and provided alternatives to customers for support-related file transfer."
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/03/qualys_ransomware_clop_gang/