Faulty emailing tool prevented Accellion from notifying customers of attacks

From therecord.media

Efforts to patch a zero-day vulnerability in Accellion file-sharing servers that was actively exploited by hackers last year were hindered by a faulty emailing tool that delayed crucial customer notifications for days, allowing the attackers to wreak havoc among Accellion devices.

The attacks, which began on December 16, last year, targeted Accellion FTA, a web-based file-sharing solution that companies usually install on their premises to allow employees and customers to host and share large files that can’t be sent via email.

Accellion released patches for the exploited vulnerabilities last year, days after learning of the ongoing hacks.

Read more…