Optus parent organization SingTel assesses potential Accellion data breach
Parent organization of Australian telecom giant Optus, Singapore Telecommunications Limited said that it is currently investigating the impact of a possible security breach. SingTel says that the cybersecurity breach might have exposed and compromised customer data.
In a media statement, SingTel said that it was informed by Accellion, a third-party vendor that its File Transfer Appliance (FTA) has been attacked illegally by unidentified hackers. Accelion’s FTA is a standalone system which was used by SingTel to share data information internally and with external stakeholders, said the Singapore-based telco.
More on the SingTel security breach
Singapore Telecommunications says that customer information might have been compromised and it is their priority is to work directly with the affected customers and stakeholders whose data may have been compromised. SingTel says that it’ll reach out to the affected parties, keep them supported and help them manage risks at the earliest once they identify which files were illegally accessed.
The Singapore Exchange-listed Singtel says since the breach, the company suspended the use of the system. commenced investigations and is working closely with cyber security experts and other relevant authorities, like the Cyber Security Agency of Singapore, in order to get in control of the situation.
The cyber attack on Accellion’s FTA
The incident of SingTel cybersecurity breach is part of a wider attack against users of Accellion. In a press release dated 1st February 2021, the provider of enterprise content firewall Accellion, Inc. said that its FTA (a 20-year old product “nearing end-of-life” became the target of cyberattack.
All customers of FTA were promptly alerted about the attack. The vendor said that it patched all known vulnerabilities exploited by attackers in the FTA system and added new monitoring as well as alerting capabilities to flag unusual activities.
About 50 Accellion customers were affected by the attack. However, the company says that its vulnerabilities were limited just to FTA software and does not impact Kiteworks, its enterprise content firewall product. Kitework is Accellion’s product on which its most customers operate and stays unaffected as it was developed on a different security architecture and code base altogether, said Accellion.
In January 2021, the Australian Securities and Investments Commission (ASIC) became a victim of a similar cyber breach. The compromised information included data related to credit license applications. However, ASIC says the information was been viewed by the hackers and it didn’t appear like the data was downloaded. Being an Accellion customer, the Reserve Bank of New Zealand also suffered from a similar attack in early January 2021.
For more updates and latest tech news, keep reading iTMunch!