Mandiant Issues Final Report Regarding Accellion FTA Attack

Mandiant validates full remediation of all known security vulnerabilities in the FTA product

PALO ALTO, Calif., March 01, 2021 (GLOBE NEWSWIRE) -- Accellion, Inc., provider of Kiteworks, the industry’s first enterprise content firewall, today issued a statement with regards to the previously reported cyberattacks on Accellion’s legacy File Transfer Appliance (“FTA”) product.

As previously disclosed, Accellion engaged FireEye Mandiant, a leading cybersecurity forensics firm, to conduct an investigation into the sophisticated cyberattacks on Accellion’s legacy FTA software in December 2020 and January 2021, and to review the FTA software for any other potential security vulnerabilities. Today, Mandiant has shared its full and final report with Accellion, which includes the following key findings:

  • All known FTA vulnerabilities have been remediated: Following penetration testing and code review, Mandiant has validated that Accellion has closed all known FTA vulnerabilities with patches issued soon after the vulnerabilities were identified.

  • Mandiant did not identify any additional vulnerabilities that were exploited by the attackers: The previously remediated vulnerabilities were the only ones known to be involved in the December 2020 and January 2021 attacks. During their investigation, Mandiant identified two new vulnerabilities, which have since been patched, accessible only by authenticated FTA users. Mandiant found no evidence that these vulnerabilities were exploited by threat actors.

Charles Carmakal, SVP and CTO of FireEye Mandiant, said, “We worked closely with the Accellion team over the past several weeks to review the Accellion FTA solution. We have concluded our security assessment and determined that effective patches have been made available for all Accellion FTA vulnerabilities known to have been exploited by threat actors in December 2020 and January 2021. As part of our engagement, Mandiant performed penetration testing and code review of the latest version of the FTA solution (9.12.444) and we have confirmed that Accellion has closed all identified FTA vulnerabilities.”

“Since becoming aware of these attacks, our team has been working around the clock to develop and release patches that resolve each identified FTA vulnerability, and support our customers affected by this incident,” said Jonathan Yaron, Accellion’s Chief Executive Officer. “I want to thank the Mandiant team for their expert collaboration in investigating this incident and reviewing our software to ensure all known FTA vulnerabilities have indeed been closed. To better ensure customer security in today’s dynamic threat environment, we have decided to accelerate FTA’s end-of-life to April 30, 2021 and continue to strongly urge all FTA customers that have not done so already to upgrade to the Kiteworks® platform as soon as possible.”

Accellion’s Kiteworks® content firewall platform was not affected by these attacks. The vulnerabilities exploited in these attacks apply only to Accellion’s legacy FTA product. Kiteworks® is built on a completely different code base using state-of-the-art security architecture, and is designed to provide industry-leading security for sensitive third party communications.

Accellion remains committed to supporting customers impacted by this incident, including assisting clients in their forensic analysis. Accellion developed a special tool for clients to use on their systems in order to check for indicators of compromise associated with the attack activity and to identify any files downloaded if their system was exploited. Additionally, Accellion has established a new “Trust Center” page on its website that includes a comprehensive FAQ and timeline of the attack as well as other relevant security information and updates. The Trust Center can be found at

To read Mandiant’s full findings on the cyberattacks on Accellion’s legacy FTA product, please visit Accellion FTA Attack - Mandiant Report.

To learn more about how Accellion helps organizations secure their third-party communications, please visit Enterprise Content Firewall.

About Accellion
The Accellion enterprise content firewall prevents data breaches and compliance violations from sensitive third party communications. With Accellion, CIOs and CISOs gain complete visibility, compliance, and control over IP, PII, PHI, and other sensitive content across all third-party communication channels, including email, file sharing, mobile, enterprise apps, web portals, SFTP, and automated inter-business workflows. Accellion has protected more than 25 million end users at more than 3,000 global corporations and government agencies, including NYC Health + Hospitals; KPMG; Kaiser Permanente; National Park Service; Tyler Technologies; and the National Institute for Standards and Technology (NIST). For more information, please visit or call (650) 485-4300. Follow Accellion on LinkedIn, Twitter, Facebook, and Accellion's Blog.

Media Contact
Rob Dougherty
(650) 687-3163

Accellion and Kiteworks are registered trademarks of Accellion USA LLC. in the US and other countries. All other trademarks contained herein are the property of their respective owners.