Royal Dutch Shell, an Anglo-Dutch multinational oil and gas company commonly known as Shell, has become the latest organization to admit that its Accellion’s File Transfer Appliance file service has been compromised by hackers.
Shell recently confirmed that “an unauthorized party gained access to various files during a limited window of time,” some of which contained personal data, as well as information from Shell companies and some of their stakeholders.
“Upon learning of the incident, Shell addressed the vulnerabilities with its service provider and cyber security team, and started an investigation to better understand the nature and extent of the incident. There is no evidence of any impact to Shell’s core IT systems as the file transfer service is isolated from the rest of Shell’s digital infrastructure,” the company said in a statement.
“Shell is in contact with the impacted individuals and stakeholders and we are working with them to address possible risks. We have also been in contact with relevant regulators and authorities and will continue to do so as the investigation continues,” Shell added.
The energy giant did not provide additional details on when the breach occurred or when The company learned about it.
Security researchers at FireEye’s Mandiant threat intelligence division believe that a scheme of Accellion FTA-related data theft and extortion is a joint work of several threat groups, including the FIN11 cybercrime group. The groups are using the website of the gang deploying the Clop ransomware to post copies of data stolen through exploitation of zero-day vulnerabilities in FTA disclosed last year and threaten victim organizations to release more information if they refuse to pay the ransom