It has been reported that the Washington State Auditors office (SAO) was subjected to a rather large-scale data breach which has resulted in exposing files containing more than 1.5 million employment claims.
The impacted State Auditors SAO office confirms that a hacker was able to breach vital data after manipulating vulnerabilities in the cloud computing solutions company, called Accellion.
The Washington State Auditors Office (SAO) states that the hacker was exploiting the cyber vulnerabilities in Accellion that the office collaborates with for secure file sharing and transferring services. It is believed that other clients of the company had similar consequences. If Accellion’s statements are to be considered, the particular data hack occurred back in late December 2020.
A clear comprehension of the timeline of the data breach and investigation implemented by law authorities and Accellion itself is still underway. Thorough data and information regarding this cyber hack are yet lacking to draw concrete conclusions.
The Washington State Auditors office posted the cyber hack details on their website stating that Accellion confirmed the breaching of SAO files in late January 2021. It was only after the update that SAO began identifying which particular files and records were mainly breached.
The files that were jeopardized held the private data of many residents of the state. The data files included unemployment compensation claims revealing the person’s name, social security numbers, bank account numbers, driver’s license or state ID number, etc.
Along with unemployment data files, the cyberattack has also exposed records from a few local governments and other state agencies of Washington. Investigations are still ongoing regarding the details of these records.
Agencies like Accellion are well known among the business, finance, and bank sectors that provide secure sharing services of sensitive documents of customers and users outside of the organization. Accellion learned that the particular breach occurred due to the active exploitation of zero-day vulnerabilities in their legacy FTA solution and a security update was forwarded to all clients in December 2020.
Unfortunately, multiple institutions and establishments were breached before the deployment of the security patch. These organizations included the Harvard Business School, Reserve Bank of New Zealand, as well as the Australian Securities and Investments Commission (ASIC).
Now that you have the Breach Exposes, you may also want to see our article – Breach exposes 23 million records of the popular gaming site