CGG was recently informed of a cybersecurity incident on a server hosting Accellion software.
The company said the vulnerability that had exploited Accellion’s secure file transfer application (FTA), before they could find a corrective patch, was originally discovered in another Accellion customer environment.
At CGG, Accellion’s FTA was used on a separate server, isolated from production IT infrastructure.
“This standalone server had limited use within CGG and was not used to transfer or store personal or commercial sensitive information. There has been no operational or financial impact,” CGG said
CGG said it takes information security very seriously and will thoroughly investigate the incident in collaboration with Accellion and CGG’s external security partners, to document full details, and identify any potential areas to further reduce future risks.
Should any pertinent information become available as part of the investigation, CGG said it will notify the relevant parties.