It has been reported that Kroger Co. has announced it was among the victims of a data breach involving Accellion’s file-transfer service. The company believed that only 1% of its customers were affected; those customers are being notified of the breach. Kroger said it was among the victims of the December hack of a file-transfer product called FTA, developed by Accellion, and that it was notified of the incident on 23 January, when it discontinued the use of Accellion’s services. The following cybersecurity experts commented on the news:
Experts Comments
It’s been a month from becoming aware of the breach to this wider disclosure, but it seems it’s been hard to establish who has been affected at all – leaving the company with the very tough decision on who to inform, and a challenge of meeting the timeliness of doing so.
One interesting aspect of data security incidents is that they aren’t necessarily one-off events. Given that many enterprises depend on the same tools or software within their IT infrastructures, when a vulnerability in a core tool is exposed, a domino effect of incidents takes place as various organizations announce the effect on them and their customers.
This is the case with the ongoing Accellion file-transfer breach. Kroger is the latest organization to announce that it was affected by
Proper validation of these controls should be applied using a defense-in-depth strategy to protect critical data. In other words, implementing multiple layers of security controls throughout the application’s software development life cycle. Additionally, a vulnerability management policy should be in place to identify and eradicate existing vulnerabilities which may surface in the future as the world of application security and cybersecurity evolves."
Linkedin Message
@Amit Sharma, Security Engineer , provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"One of the most substantial security challenges organisations currently face is how to manage their legacy products...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reacted-on-retail-giant-kroger-data-breach