Intelligent CISO Issue 35 | Page 25

threat updates
2

3 NORTH AMERICA NORTH AMERICA

4

A data breach at the Office of the Washington State Auditor has compromised the personal information of 1.6 million Americans . Social security numbers and banking information were exposed in a breach of Accellion . A statement said : “ The Office of the Washington State Auditor ( SAO ) was made aware of a security breach involving Accellion , a third-party provider of hosted file transfer services . During the week of January 25 , 2021 , Accellion confirmed that an unauthorised person gained access to SAO files by exploiting a vulnerability in Accellion ’ s file transfer service . Accellion issued a statement saying the security incident regarded one of its legacy products . “ Accellion resolved the vulnerability and released a patch within 72 hours to the fewer than 50 customers affected ,” the statement said .
A hacker gained remote access to the water system of Oldsmar in Florida and changed the water chemical levels . The hacker , whose location is unknown , accessed the treatment system ’ s software and increased the sodium hydroxide levels . These were immediately returned to normal at the plant which supplies water to 15,000 residents , but the breach had the potential to provoke vomiting , nausea and diarrhoea . Daniel Kapellmann Zafra , Manager of Analysis , Mandiant Threat Intelligence , said : “ Fortunately , industrial processes are often designed and monitored by professional engineers who incorporate safety mechanisms to prevent unexpected modifications . The incident highlights the need to strengthen the cybersecurity capabilities across the water and wastewater industry .” www . intelligentciso . com
25