Discover of Accellion Facts Incident Update

Might 28, 2021

As we just lately disclosed, the University of Maryland, Baltimore was topic to a cybersecurity incident involving its Accellion file transfer appliance (FTA). Accellion, Inc. is an information and facts know-how seller of UMB that provided UMB’s FTA. UMB stopped applying the Accellion FTA in February 2021. The FTA was used to be capable to transfer and receive delicate knowledge by way of a protected protocol.

Though we experienced been confident previously that no delicate knowledge was disclosed, on March 29, 2021, UMB realized that specified information documents in UMB’s Accellion FTA had been posted on a cyber criminal’s website.

UMB quickly described this to the FBI and outdoors gurus have been engaged to examine and ascertain the whole scope of the incident. In accordance to Accellion, its FTA application was qualified starting in mid-December 2020, by a menace actor team(s). The attacks ended up perpetrated on Accellion FTA software package, which is made use of by several universities, govt companies and public and private businesses.

Fortuitously, there is no proof that UMB units other than the FTA appliance have been impacted. The investigation is ongoing, but files varied by individual and involved various forms of facts components this sort of as identify, demographic information, birthdate, diagnosis, social stability selection, driver license, supplier name, wellbeing and relevant profit details.

UMB has notified and is continuing to notify influenced men and women by mail at the past known deal with as our investigation identifies them. As generally, men and women are remaining suggested to remain vigilant and observe financial account statements and credit score experiences carefully and report any discrepancies to regulation enforcement, and we inspire activation of fraud alerts and security freezes. UMB provides id theft checking as needed by regulation.

Please send out any issues you may possibly have to: [email protected]