Cybersecurity Incident Involving Third Party Supplier
Paris, France | Mar 12, 2021
CGG was recently informed of a cybersecurity incident on a server hosting Accellion software.
The vulnerability that exploited Accellion’s secure file transfer application (FTA), before they could find a corrective patch, was originally discovered in another Accellion customer environment.
At CGG, Accellion’s FTA was used on a separate server, isolated from production IT infrastructure. This standalone server had limited use within CGG and was not used to transfer or store personal or commercial sensitive information. There has been no operational or financial impact.
CGG takes Information Security very seriously and will thoroughly investigate the incident in collaboration with Accellion and CGG’s external security partners, to document full details, and identify any potential areas to further reduce future risks.
Should any pertinent information become available as part of the investigation, CGG will notify the relevant parties.