| Date (Approx.) | Event | |----------------|-------| | | Threat actors identify a zero-day vulnerability in Globalscape EFT (later assigned CVE-2021-22991 ). | | Early Jan 2021 | Attackers deploy Cuba ransomware inside Globalscape’s own corporate network. | | Mid-Jan 2021 | Globalscape’s internal EFT server is encrypted; customer file transfers disrupted. | | Feb 2021 | Globalscape privately notifies affected enterprise customers. Public disclosure occurs weeks later. | | March 2021 | Security researchers confirm the vulnerability also impacts older EFT versions used by hundreds of organizations globally. | | April 2021 | CISA issues an alert urging all users of Globalscape EFT to patch immediately. |
The investigation revealed that the attackers accessed files containing sensitive Personal Identifiable Information (PII). This data included: globalscape breach
Globalscape's own research highlights that the majority of data breaches in this sector stem from employee negligence or the use of insecure "shadow IT" file-sharing tools rather than direct software exploits. | Date (Approx