Accellion-related Data Breach Reported by QIMR Berghofer

The QIMR Berghofer Medical Research Institute has also announced today a data breach caused by the Accellion FTA service and has provided more detailed information regarding what information was accessed.

According to the research institute, the data breach appears to have occurred on December 25, 2020, when threat actors accessed approximately 4 percent, or 620MB, of data stored on the Accellion FTA service.

QIMR Berghofer states that they received their first notification to install Accellion's patch on January 4th, 2021. It wasn't until February 2nd, 2021 that Accellion notified them that they had suffered a data breach.

"The first notification QIMR Berghofer received from Accellion was on 4 January 2021, when the company advised the Institute to apply a security patch. The Institute immediately took the software offline and applied the patch."

"Accellion notified QIMR Berghofer on Tuesday 2 February 2021 that it believed the Institute had been affected by the data breach, which has also affected a number of Accellion’s other Australian and international clients," QIMR Berghofer disclosed in a data breach notice on their website.

Estimated Cost

No cost values disclosed.

Threat Source

Impacts

IT