![]() Security experts: End-of-life tools must be replaced Other victims of the same attack include the Reserve Bank of New Zealand, the University of Colorado, the auditor of Washington state and the law firm Jones Day, according to the Associated Press. ![]() According to the grocery chain’s statement, Accellion said “an unauthorized person gained access to certain Kroger files by exploiting a vulnerability” in the file transfer service. Kroger was just one of many organizations affected by a larger attack on Accellion’s legacy File Transfer Appliance. “While Kroger has no indication of fraud or misuse of personal information as a result of this incident, out of an abundance of caution Kroger has arranged to offer credit monitoring to all affected individuals at no cost to them.” SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic) After being informed of the incident’s effect on January 23, 2021, Kroger discontinued the use of Accellion’s services, reported the incident to federal law enforcement, and initiated its own forensic investigation to review the potential scope and impact of the incident,” the statement said. “No credit or debit card information or customer account passwords were affected by this incident. The company said it is in the process of contacting victims but confirmed that none of its IT systems or any grocery store systems or data were affected by the breach. Must-read security coverageĪtlas VPN Review (2023): Features, Pricing, AlternativesĪustralia, New Zealand Enterprises Spend Big on Security - But Will It Be Enough? Kroger became the latest major company to announce a data breach, acknowledging in a statement that information from some current and former employees as well as customers of Kroger Health and Money Services were impacted by an attack on a third-party file transfer tool from Accellion. Kroger data breach highlights urgent need to replace legacy, end-of-life toolsĪttackers used an outdated File Transfer Appliance from Accellion to gain access to data, the company said.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |