Security Experts:

Connect with us

Hi, what are you looking for?


Incident Response

Accellion Reaches $8.1 Million Settlement Over FTA Data Breach

Enterprise content firewall provider Accellion has reached an $8.1 million settlement to end a lawsuit over a data breach involving its legacy file sharing service FTA, Reuters reports.

Enterprise content firewall provider Accellion has reached an $8.1 million settlement to end a lawsuit over a data breach involving its legacy file sharing service FTA, Reuters reports.

Accellion, which changed its brand name to Kiteworks in October 2021, provides services such as secure email, collaboration, content access, file sharing, and enterprise app sharing capabilities.

Starting mid-December 2020, Accellion FTA – a 20-year-old legacy service that was finally retired in April 2021 – was the target of a cyberattack that continued into January 2021, and which resulted in the compromise of data pertaining to multiple Accellion customers (the company claims that fewer than 100 clients were affected).

The cyberattack was attributed to the financially-motivated advanced persistent threat (APT) actor FIN11. Operating out of Russia, FIN11 is believed to be a TA505 spin-off.

Some of the organizations that have confirmed impact from the incident include the Australian Securities and Investments Commission (ASIC), business jet manufacturer Bombardier, law firm Jones Day, grocery and pharmacy chain Kroger, investment banking firm Morgan Stanley, the Office of the Washington State Auditor (SAO), cybersecurity firm Qualys, the Reserve Bank of New Zealand, Shell, Singapore telecoms firm Singtel, and University of California (UC).

In May 2021, professional services firm KPMG published a report claiming that Accellion failed to notify customers of the zero-day vulnerability that was exploited in the December 2020 cyberattack.

Accellion also faces claims that it failed to secure the sensitive information that customers entrusted to it, settlement papers filed in a California federal court show. The compromised information is said to include names, dates of birth, medical information, drivers’ license details, and Social Security numbers.

The settlement, Reuters reports, would resolve only the litigation against Accellion, but not those against Accellion clients impacted by the incident. Agreements are pending in cases against those clients.

Related: CISA Lists 300 Exploited Vulnerabilities That Organizations Need to Patch

Related: Cybercriminals Publish Data Allegedly Stolen From Shell, Multiple Universities

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.