Qualys Update on Accellion FTA Security Incident
No impact on Qualys Cloud Platform production environments hosting customer data or codebase
Qualys, a pioneer and leading provider of cloud-based IT, security, and compliance solutions, issued an update on the security incident regarding the Accellion FTA file transfer solution.
Qualys received new information about a previously identified zero-day exploit in a third-party solution, Accellion FTA that Qualys deployed to transfer files as part of our customer support system.
Qualys confirms today there is no impact on the Qualys production environments, codebase or customer data hosted on the Qualys Cloud Platform. All Qualys platforms continue to be fully functional and at no time was there any operational impact.
Recommended AI News: Crayon US Gains Microsoft Modern Workplace Unit from Strategic Partner
Qualys had deployed the Accellion FTA server in a segregated DMZ environment, completely separate from systems that host and support Qualys products to transfer information as part of our customer support system. Qualys chose the Accellion FTA solution for encrypted temporary transfer of manually uploaded files. There was no connectivity between the Accellion FTA server and our production customer data environment (the Qualys Cloud Platform). The Accellion FTA product is a third-party system fully managed by Accellion.
Recommended AI News: Mindlance acquires Quintrix to expand its Workforce Solutions Offerings
As with any security incident, the investigation is ongoing, and we continue to look for ways to enhance security and provide the strongest protections for our customers. We have engaged FireEye Mandiant, who also worked with Accellion on the wider investigation. Qualys is strongly committed to the security of its customers and their data, and we will notify them should material information become available.
Recommended AI News: TCP Launches Demand-Driven Scheduling Solution Built by Humanity