Energy giant Shell discloses data breach after Accellion hack


Level 75
Content Creator
Malware Hunter
Aug 17, 2014
Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance (FTA).

Shell (short for Royal Dutch Shell plc) is a multinational group of petrochemical and energy companies with more than 86,000 employees in over 70 countries.
It is also the fifth-largest company in the works based on its 2020 revenue results according to Fortune's Global 500 rankings.

Shell disclosed the attack in a public statement published on the company's website last week and said that the incident only affected the Accellion FTA appliance used to transfer large data files securely.

"Upon learning of the incident, Shell addressed the vulnerabilities with its service provider and cyber security team, and started an investigation to better understand the nature and extent of the incident," Shell said.
"There is no evidence of any impact to Shell's core IT systems as the file transfer service is isolated from the rest of Shell's digital infrastructure."

Shell also reached out to relevant data authorities and regulators after discovering that the attackers gained access to files transferred using the compromised Accellion FTA appliance.

According to the company, some of the data accessed during the attack belongs to stakeholders and Shell subsidiaries.

"Some contained personal data and others included data from Shell companies and some of their stakeholders," the statement reads.
"Shell is in contact with the impacted individuals and stakeholders and we are working with them to address possible risks."
Cyber security and personal data privacy are important for Shell and we work continuously to improve our information risk management practices. We will continue to monitor our IT systems and improve our security. We regret the concern and inconvenience this may cause affected parties. — Shell