In the latest cybercrime developments, New South Wales Health, i.e NSW Health has reported a data breach following the Accellion FTA cyberattack.
Massive Accellion FTA cyberattack:
Accellion, Inc. is an American technology company specializing in secure file sharing and collaboration, targeted towards businesses.
The Accellion services were widely used to share and store files by organizations around the world, including NSW Health, and numerous other organizations around the globe.
The Accellion file-sharing service Accellion FTA i.e File Transfer Appliance is an organization-focused service utilized for transferring large files.
A critical zero-day vulnerability in the Accellion FTA software was discovered back in December 2020 and has since been exploited by malicious actors in the wild on multiple instances.
The software breach has since made major headlines and it is estimated that some 100 organizations around the world were among those affected by the breach.
Also read,
Impact on NSW Health:
“Following the NSW government’s advice earlier this year around a worldwide cyberattack that included NSW government agencies, New South Wales Health is notifying people whose data may have been accessed in the global Accellion cyber attack,” stated the health organization.
Detailing the impact of the cyberattack, the government organization provided that no medical records and data of public hospitals were affected. They also noted that the Accellion software has been terminated by the organization.
However, the data that may have been included in the cyberattack varies from identity data, and in certain instances, health-related data may have also been impacted by the attack.
Since then, efforts are being made by the medical organization to work in coordination with the official authorities and NSW Cyber Security to investigate the cyberattack.
As of yet, there is no evidence directing that the affected data has been misused in any way.
“A cyber incident helpline has been set up to provide further information and support to those people NSW Health is contacting,” it said. “If you are contacted by NSW Health, you will be given the cyber incident helpline details; if you are not contacted by New South Wales Health, no action is required.”
