Transport for New South Wales (TfNSW), Australia, is the latest government entity to suffer from the attacks on the Accellion file transfer system.
TfNSW has experienced a data breach in a cyberattack on a file transfer system owned by Accellion, the government entity reported on Tuesday afternoon.
“Before the attack on Accellion servers was interrupted, some Transport for NSW information was taken.”
The Accellion system is used by many organizations around the world to share and store sensitive files.
Security researchers at FireEye’s Mandiant division revealed yesterday that attacks on Accellion’s FTA file transfer service can be attributed to a threat actor known as FIN11. Whether FIN11 was behind the attack on TfNSW remains unknown.
TfNSW said they involved experts from Cyber Security NSW who will help in the state government investigation in tandem with forensic specialists.
“We are working closely with Cyber Security NSW to understand the impact of the breach, including to customer data,” TfNSW wrote in a report on their website.
According to the report, the breach was limited to Accellion servers with no other TfNSW systems affected. They say data related to driver’s license information or Opal data has not leaked.
“We recognise that data privacy is paramount and deeply regret that customers may be affected by this attack,” TfNSW gave their official apologies.
The TfNSW incident is the most recent attack in a series of data breaches involving Accellion systems. Earlier in January, the Australian Securities and Investments Commission (ASIC) reported its server was breached with the breach origination from the vulnerabilities in the Accellion software, too.
Accellion was also involved in a data breach at the Reserve Bank of New Zealand (RBNZ) last month.
Accellion has been abused on many occasions in attacks on companies and government agencies across the world since December 2020. This was sparked by the company’s announcement of the end-of-life for its FTA product.