Security News > 2021 > April > Qualys says Accellion hackers did not breach production systems

Qualys says Accellion hackers did not breach production systems
2021-04-02 16:28

Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments.

"Qualys also noted that the investigation found that the company's"existing security rules would not have allowed any such access between the Accellion FTA server and Qualys' corporate and production environment.

"As previously noted, the impact on Qualys and our customers is contained to the Accellion FTA server," said Ben Carr, Qualys Chief Information Security Officer.

"We continue to be confident that there is no impact from this incident on the Qualys production environments, codebase, customer data hosted on the Qualys Cloud Platform, Qualys Agents or Scanners."

These findings independently confirm our conclusion that the impact on Qualys and our customers is contained to those files stored on the Accellion FTA server at the time of the incident.

BleepingComputer has reported breaches affecting multiple companies and organizations following attacks targeting Accellion FTA. Besides the one on cybersecurity firm Qualys server, we also reported about attacks on the supermarket giant Kroger, the Reserve Bank of New Zealand, Singtel, QIMR Berghofer Medical Research Institute, the Australian Securities and Investments Commission, and the Office of the Washington State Auditor.


News URL

https://www.bleepingcomputer.com/news/security/qualys-says-accellion-hackers-did-not-breach-production-systems/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Accellion 6 0 15 7 13 35
Qualys 6 0 7 4 0 11