TeamHood Shell which deals in petrochemical and energy companies with more than 86,000 employees in over 70 countries has disclosed a data breach after attackers compromised the company’s secure file-sharing system powered by Accellion’s File Transfer Appliance (FTA).
In a statement published on its website shell said “Upon learning of the incident, Shell addressed the vulnerabilities with its service provider and cyber security team, and started an investigation to better understand the nature and extent of the incident”
It is also clarified that “There is no evidence of any impact to Shell’s core IT systems as the file transfer service is isolated from the rest of Shell’s digital infrastructure.”
According to Shell the data accessed during the attack belongs to stakeholders and Shell subsidiaries.
“Some contained personal data and others included data from Shell companies and some of their stakeholders,” the statement reads.
“Shell is in contact with the impacted individuals and stakeholders and we are working with them to address possible risks.”
Cyber security and personal data privacy are important for Shell and we work continuously to improve our information risk management practices. We will continue to monitor our IT systems and improve our security. We regret the concern and inconvenience this may cause affected parties. — Shell
Mandiant is linking this to attack to FIN11 cybercrime group.
Accellion said that 300 customers used the 20-year-old legacy FTA software, with less than 100 of them being breached by the Clop ransomware gang and FIN11 (the cybercrime groups behind these attacks).
Less than 25 victims appear “to have suffered significant data theft,” according to Accellion.
