Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance (FTA) product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang.
“Shell has been impacted by a data-security incident involving Accellion’s File Transfer Appliance,” the company revealed on its website last week. “Shell uses this appliance to securely transfer large data files.”
Attackers “gained access to “various files” containing personal and company data from both Shell and some of its stakeholders, acknowledged the company. However, because its Accellion implementation its core IT systems were unaffected by the breach, “as the file transfer service is isolated from the rest of Shell’s digital infrastructure,” the company said.