Security News > 2021 > March > Cybercriminals Publish Data Allegedly Stolen From Shell, Multiple Universities
The FIN11 hacking group has published on their leaks website files that were allegedly stolen from oil and gas giant Shell, likely during a cyber-security incident involving Accellion's File Transfer Appliance file sharing service.
Last week, Shell revealed that it was one of the organizations affected by the Accellion cyber-attack, confirming that attackers were able to steal both corporate data and personal information pertaining to its employees.
Some of these files - including passport copies, an evaluation report and a document written in Hungarian - are now public on a Tor-based website where hackers who conduct Clop ransomware attacks leak stolen information.
Data stolen from some of these organizations ended up on FIN11's leaks website on the Tor network, alongside files supposedly stolen from multiple educational institutions, such as University of Miami, Yeshiva University, University of Maryland, University of California, University of Colorado, and Stanford University.
In a breach notification published on March 26, the University of Miami confirmed impact from the Accellion incident, claiming that the file sharing service "Had been used by a small number of individuals at UM to transfer files too large for email," and that the use of the service has been discontinued.
The FIN11 hackers published on their leak website data pertaining to patients of the University of Miami Health System, UHealth.