University of Miami suffers data breach in connection with cloud provider Accellion

In this Aug. 25, 2020, file photo, a pedestrian walks past an entrance to the University of Miami in Coral Gables. (AP Photo/Wilfredo Lee, File) (Copyright 2020 The Associated Press. All rights reserved)

CORAL GABLES, Fla. – The University of Miami was the victim of a data security breach involving third-party vendor Accellion, a beleaguered California-based global cloud provider, UM said in a statement on Thursday.

According to the statement, the incident was limited to the Accellion server that is used for secure file transfers and did not compromise other systems or affect outside systems linked to UM’s network.

“As soon as we became aware of the incident, we took immediate action to investigate and contain it,” a university spokesperson wrote in a statement. “We also retained leading cybersecurity experts.”

UM did not identify the experts, but reported also having involved law enforcement in the probe of the hack, which exploited the vulnerabilities of Accellion’s File Transfer Appliance or FTA.

The Accellion security incident has also affected Harvard and the University of Colorado. Federal, state, local, tribal, and territorial government organizations have also fallen prey. The list of private industry organizations victimized includes energy giant Shell, Kroger, and Flagstar Bank.

“We continue to enhance our cybersecurity program to further safeguard our systems from cyber threats,” the UM statement said.

UM did not release specifics about the data that was compromised, or details about when it happened, or whether students’ data was stolen during the hack.

In February, Accellion announced that it was working with FireEye, a California-based cybersecurity company, after a series of cyberattacks in December and January. The researchers released a report on March 1st saying, “All known FTA vulnerabilities have been remediated.”

More cybersecurity stories


About the Author: