Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Morgan Stanley Reports Data Breach After Vendor Accellion Hack

Morgan Stanley Reports Data Breach After Vendor Accellion Hack

Image: Morgan Stanley

Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor.

Morgan Stanley is a leading global financial services firm providing investment banking, securities, wealth and investment management services worldwide.

The American multinational company’s clients include corporations, governments, institutions, and individuals in more than 41 countries.

Encrypted files stolen together with decryption key

Guidehouse, a third-party vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business, notified the investment banking company in May 2021 that attackers hacked its Accellion FTA server to steal information belonging to Morgan Stanley stock plan participants.

The Guidehouse server was breached by exploiting an Accellion FTA vulnerability in January before the vendor patched it within five days of the fix becoming available.

Guidehouse discovered the breach in March and the impact to Morgan Stanley customers in May, when it notified the financial services company of the incident and that no evidence was found of the stolen data being disseminated online by the threat actors.

“There was no data security breach of any Morgan Stanley applications,” Morgan Stanley said in data breach notification letters sent to impacted individuals.

“The incident involves files which were in Guidehouse’s possession, including encrypted files from Morgan Stanley.”

Also Read: The 5 Phases of Penetration Testing You Should Know

However, even though the stolen files were stored in encrypted form on the compromised Guidehouse Accellion FTA server, the threat actors also obtained the decryption key during the attack.

Morgan Stanley says that the documents stolen during this incident contained:

  • Stock plan participants’ names
  • Addresses (last known address)
  • Dates of birth
  • Social security numbers
  • Corporate company names

The company added that the files stolen from Guidehouse’s FTA server did not contain passwords information or credentials that the threat actors could use to gain access to impacted Morgan Stanley customers’ financial accounts.

“The protection of client data is of the utmost importance and is something we take very seriously,” a Morgan Stanley spokesperson told BleepingComputer. “We are in close contact with Guidehouse and are taking steps to mitigate potential risks to clients.”

Clop gang and FIN11 behind series of Accellion hacks

While the attackers’ identity was not disclosed in Morgan Stanley’s data breach notification, a joint statement published by Accellion and Mandiant from February shed more light on the attacks, directly linking them to the FIN11 cybercrime group.

The Clop ransomware gang has also used an Accellion FTA zero-day vulnerability (disclosed in December 2020) to steal data from multiple companies.

Accellion has said that roughly 300 customers used the 20-year-old legacy FTA software, with less than 100 of them being breached in these attacks.

Starting in January, BleepingComputer has reported multiple data breaches impacting companies and organizations after their Accellion FTA servers were compromised, allowing the cybercrime groups to exfiltrate sensitive information.

So far, these threat actors have hit energy giant Shellcybersecurity firm Qualys, the Reserve Bank of New ZealandSingtel, supermarket giant Kroger, the Office of the Washington State Auditor (“SAO”), the Australian Securities and Investments Commission (ASIC), and multiple universities and other organizations.

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

In February, Five Eyes members have also issued a joint security advisory on these attacks and extortion attempts.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us