Ransomware gang leaks data from Stanford, Maryland universities
By
Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group.
The threat actors obtained the documents after hacking the universities Accellion File Transfer Appliance (FTA) software used to share and store sensitive information.
Data stolen in the attack targeting Stanford Medicine s Accellion server includes names, addresses, email addresses, Social Security numbers, and financial information, reported the Stanford Daily. We discovered the breach earlier this week when the hackers posted evidence that they had accessed a limited number of files in our system containing some personally identifiable information, UMB also told DataBreaches.net.
Oil and gas company Shell suffers Accellion-related data breach siliconangle.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from siliconangle.com Daily Mail and Mail on Sunday newspapers.
Third-party service provider s security incident compromised Washingtonians personal information wa.gov - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from wa.gov Daily Mail and Mail on Sunday newspapers.
Based in Foster City, California, Qualys sells cloud-based IT, security and compliance products and has about 19,000 customers across 130 countries. In a statement released Wednesday evening, the company says it uses FTA solely to transfer files as part of our customer support system.
While customer data was stolen, Qualys says that attackers did not breach its production environments, codebase or customer data hosted on the Qualys Cloud Platform, and that all of its services remain operational and are functioning normally.
Qualys issued its statement after the Clop - aka Cl0p - ransomware gang on Wednesday began listing Qualys as a victim on its leaks site and posted six screenshots containing stolen data. The image files are named Screenshot 70.png through Screenshot 75.png. The site also contains a listing for files part 1 - apparently the first batch of stolen files - which is spread across three separate zip file archives available for download.