Singapore-based telecomm company Singtel has acknowledged a data breach that may have negatively impacted their customers’ data. The incident affected a two decade old file-sharing system developed by third-party firm Accellion, which works with Singtel as external collaborators. In a security alert released a few hours ago the telecomm company mentions that the affected system, known as File Transfer Appliance (FTA), was successfully breached by unknown threat actors.
As a security measure the company temporarily shut down the affected system and notified local authorities and the Singapore’s Cyber Security Agency. Singtel security teams are already investigation the issue and trying to determine the real breach impact: “As a result, some of our customers’ information may have been exposed”, mentions the security alert.
Singtel added that its main operations were not affected by this incident. In its website, the company mentioned that it is currently analyzing the file-sharing protocol to ensure this information protection: “Due to the complexity of this investigation process, it will take an undetermined amount of time to solve the problems; we may contact those users whose data may have been impacted”, Singtel added.
On the vendor of the affected system, an Accellion spokesperson mentioned that the FTA solution is a file-transferring software close to the end of its lifecycle. The spokesperson mentioned that this system was targeted by a sophisticated cyberattack, purposely detected last December 23. The developers also mentioned that this attack is related to the exploitation of a zero-day flaw and it lasted at least a month.
As per Accellion, the attack impacted less than 50 of its customers, adding that they are already offering monitoring tools and services to prevent further attacks targeting the affected clients: “The exploited vulnerabilities only impact the FTA software; our firewalls, enterprise networks and file systems were not affected at all”, the company added.
The cybersecurity community has already presented a few questions about the incident, mainly related to the usage of a virtually obsolete file-sharing service. Even though Singtel spokesperson hasn’t commented about this issue, they did mention that Accellion reported the breach last December 23, besides providing some temporary security patches. Since December 27, the company has released no additional corrections to the issue.
Some specialists also mentioned that FTA may have received little attention from system admins and, due to its long lifetime, it may require additional protections against vulnerability exploitation and other security incidents.
He is a cyber security and malware researcher. He studied Computer Science at Miami and started working as a cyber security analyst in 2008. He is actively working as an cyber security investigator. He also worked for security companies like Cisco. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.