Cybercriminals Publish Data Allegedly Stolen From Shell, Multiple Universities

The FIN11 hacking group has published on their leaks website files that were allegedly stolen from oil and gas giant Shell, likely during a cyber-security incident involving Accellion’s File Transfer Appliance (FTA) file sharing service.


Last week, Shell revealed that it was one of the organizations affected by the Accellion cyber-attack, confirming that attackers were able to steal both corporate data and personal information pertaining to its employees.


Some of these files -- including passport copies, an evaluation report and a document written in Hungarian -- are now public on a Tor-based website where hackers who conduct Clop ransomware attacks leak stolen information.


At the time of the attack on Accellion’s FTA, the soon-to-be-retired service had roughly 300 customers, with up to 25 of them believed to have suffered significant data compromise. The impacted organizations include Qualys, Kroger, Jones Day, Bombardier, and the Office of the Washington State Auditor (SAO).


Data stolen from some of these organizations ended up on FIN11’s leaks website on the Tor network, alongside files supposedly stolen from multiple educational institutions, such as University of Miami, Yeshiva University, University of Maryland, University of California, University of Colorado, and Stanford University.


In a breach notification published on March 26, the University of Mia ..

Support the originator by clicking the read the rest link below.