Singtel Suffers Zero-Day Cyberattack, Damage Unknown

Singtel Zero-Day Cyberattack

The Tier 1 telecom giant was caught up in a coordinated, wide-ranging attack using unpatched security bugs in the Accellion legacy file-transfer platform.

Singtel, Tier 1 telecom carrier throughout Asia and owner of Australian telco Optus, has been impacted by a software security hole in a third-party file transfer appliance targeted by attackers. Singtel is one of multiple organizations affected by the bug, including an Australian medical research institution.

The point of entry for the attack was software company Accellion, maker of (among other things) a legacy large file transfer product called File Transfer Appliance, or FTA. FTA is a 20-year-old product that was targeted by a “sophisticated cyberattack” on Dec. 23, according to a company notice in early February.

Singtel, one of the largest telecom companies in the world, announced Thursday that it was a victim of a cohesive set of cyberattacks. The statement coincided with Accellion’s own public acknowledgment that an ongoing vulnerability in FTA eventually led to an information compromise with Singtel and other customer systems.

Read more