NEWS
Washington State Auditor suffers breach compromising data of benefit claimants
A statement said : “ The Office of the Washington State Auditor ( SAO ) was made aware of a security breach involving Accellion , a third-party provider of hosted file transfer services . During the week of January 25 , 2021 , Accellion confirmed that an unauthorized person gained access to SAO files by exploiting a vulnerability in Accellion ’ s file transfer service .
“ Some of the SAO data files contained personal information of Washington state residents who filed unemployment insurance claims in 2020 .”
Accellion issued a statement saying the security incident regarded one of its legacy products .
“ In mid-December , Accellion was made aware of a P0 vulnerability in its legacy File Transfer Appliance ( FTA ) software . Accellion FTA is a 20-year-old product that specializes in large file transfers ,” the statement said . data breach at the Office of the Washington State Auditor
A has compromised the personal information of 1.6 million Americans . Social security numbers and banking information were exposed in a breach in December of Accellion , a software provider the auditor ’ s office used to transfer large computer files .
“ Accellion resolved the vulnerability and released a patch within 72 hours to the fewer than 50 customers affected .
“ Accellion ’ s flagship enterprise content firewall platform , kiteworks , was not involved in any way .”
Florida water breach highlights need to strengthen cybersecurity of critical infrastructure
hacker gained remote access to the
A water system of a city in Florida and changed the water chemical levels . The hacker briefly increased the amount of sodium hydroxide ( lye ) in the water treatment system at Oldsmar , but an employee worker spotted it and reversed the action .
The hacker , whose location is unknown , accessed the treatment system ’ s software and increased the sodium hydroxide levels . These were immediately returned to normal at the Oldsmar plant which supplies water to 15,000 residents .
But the breach had the potential to provoke vomiting , nausea and diarrhoea through increasing of sodium hydroxide levels in drinking water .
Daniel Kapellmann Zafra , Manager of Analysis , Mandiant Threat Intelligence , said : “ Fortunately , industrial processes are often designed and monitored by professional engineers who incorporate safety mechanisms to prevent unexpected modifications .
“ We believe that the increasing interest in industrial control systems by actors of this nature is the result of the increased availability of tools and resources that reduce the barrier to learn about and interact with these systems .
“ While the incident does not appear to be particularly complex , it highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry similarly to other critical infrastructure sectors .”
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 15