![]() ![]() The cyberattack was first uncovered on December 23, and Accellion initially claimed the FTA vulnerability was patched within 72 hours before it was later forced to explain that new vulnerabilities were discovered. While data breaches tend to grow past initially reported figures, the fact that organizations are still coming out as Accellion victims more than six months later shows that the business software provider still hasn’t managed to get a handle on it. Just weeks before that, so did UC Berkeley. Just days before news of the Morgan Stanley data breach came to light, an Arkansas-based healthcare provider confirmed it had also suffered a data breach as a result of the Accellion attack. “We are in close contact with Guidehouse and are taking steps to mitigate potential risks to clients.” “The protection of client data is of the utmost importance and is something we take very seriously,” a Morgan Stanley spokesperson told TechCrunch. ![]() The documents were encrypted, but the letter said that the hackers also obtained the decryption key, though Morgan Stanley said the files did not contain passwords that could be used to access customers’ financial accounts. In a letter sent to those affected, first reported by Bleeping Computer, Morgan Stanley admitted that threat actors stole an unknown number of documents containing customers’ addresses and Social Security numbers. The investment banking firm - which is no stranger to data breaches - confirmed in a letter this week that attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of its third-party vendor, Guidehouse. Morgan Stanley has joined the growing list of Accellion hack victims - more than six months after attackers first breached the vendor’s 20-year-old file-sharing product. ![]()
0 Comments
Leave a Reply. |