A serious data breach has revealed that the Washington State Audit Office suffered after a leak of 1.6 million personal information of citizens for employment claims.
The vulnerability in the system is found in a secure file transfer service of Accellion, according to the Washington State Audit Office (“SAO”), as the hacker took advantage of the security bridge and managed to break into the system.
The sensitive personal data of the Washington residents that were leaked was in data files from the Employment Security Department (ESD).
The attack on the system also exposed sensitive data from local governments and other state agencies, causing great upset in the SAO, which is still investigating what information is contained in these files.
Accellion is a service provider that specializes in the secure transfer of sensitive files, enabling organizations to share sensitive documents with users outside the organization.
The “gap” as Accellion states is in a zero-day vulnerability. Before the company was able to develop the update that fix’s this bridge, the vulnerability in the Accellion system caused violations in other organizations as well.