![]() ![]() Kroger's settlement documents note that the retailer learned of the FTA data breach on Jan. Some Accellion customers report subsequently receiving emails from a criminal group called Clop asking for a ransom in exchange for not publishing data online. But that was just the first in a series of vulnerabilities that subsequently were found and patched, according to FireEye's Mandiant forensics unit, which was retained by Accellion. In mid-December, Accellion patched a SQL injection vulnerability in FTA and privately notified its customers. The lawsuits filed against Accellion allege that the company did not adequately address security shortcomings in its legacy Kiteworks FTA product. … Plaintiffs allege that Kroger did not promptly do so." The Kroger settlement documents note: "Accellion provided notice to its clients, like Kroger, that a newer and more secure Accellion file transfer product called Kiteworks was available, and that clients should migrate to this product. Kroger also has agreed to enhance its third-party vendor risk management program, court documents note. Under the proposed Kroger deal, claimants may elect to receive a choice of a cash payment calculated in accordance with specific terms of the settlement agreement, two years of credit monitoring and insurance services or reimbursement of documented losses of up to $5,000. ![]() Such exploits apparently affected dozens of other Accellion clients in healthcare and many other sectors.Ĭourt documents note that the proposed Kroger settlement would only potentially resolve claims against Kroger - not Accellion - in several class action lawsuits filed earlier this year against both companies. The lawsuits against Kroger were filed in the wake of the hacking incident involving the exploit of zero-day flaws in Accellion's legacy File Transfer Appliance software. Meanwhile, British Airways has agreed to undisclosed terms to settle a class action lawsuit filed in the wake of a 2018 data breach that led to the compromise of private information on 420,000 customers and employees. Under a proposed settlement filed recently in a California federal court, Kroger agrees to pay $5 million to resolve claims in several class action lawsuits filed in the wake of a data breach affecting more than 3.8 million employees and customers that involved its file transfer service vendor, Accellion. See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed in the wake of two massive data breaches. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |